2c49af647528504978d62b9aeb449bd1f4aeeadb0f53b80fe184567dfa4f33b5 | Triage

Sharing

General

Target

2c49af647528504978d62b9aeb449bd1f4aeeadb0f53b80fe184567dfa4f33b5.zip
Size

389KB
Sample

240919-bjyjxashpe
MD5

028912f3666e27ee4b84cf8bb6d248af
SHA1

51242821b63d1e96494158ee05aca162bae5264a
SHA256

2c49af647528504978d62b9aeb449bd1f4aeeadb0f53b80fe184567dfa4f33b5
SHA512

382d15b8b8f910bb8acc05c92eeac03e31a1b678bf0bcd7d5b350ec10be7627bd14a316069eeeeb7ee29a25b134a09149e3e1088eec8be2aa3eab62ac8fd3dde
SSDEEP

12288:JoDKaGqFpQN5Oa6OQQz8tsCdKWBz6CN72R52:CDGUpE5VGQzisJazz2RY

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  Form-8879_PDF.jar
- Size
  
  409KB
- MD5
  
  aab581c5eec444fec05cf4d81bb57f66
- SHA1
  
  d503d1d22720cb62571b9d36852eb07e764e052a
- SHA256
  
  769fc3a07c8e31ebd1c6cc9dd91b3c4870688404aa255f6d615c4e60bcd6dec4
- SHA512
  
  06a4b8a072ef2f5d309b73cd07afea8e926a125a670cb3690435b17fb004d2b9172ed70de87b35ce94ba9da06041a0d7ead63c96e1ba21d10be03cf28daf43a4
- SSDEEP
  
  12288:GQXtDmMkRxkOOGkOfnq/4t5zmjrbCu51RGw9Q:PtDwRxkdGkSn64t5iXbz51RGw9Q
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2