5d2632675a842d2ff367dd336a5ae3ea030af615ae614dc4e3a11bacc1923645 | Triage

Sharing

General

Target

5d2632675a842d2ff367dd336a5ae3ea030af615ae614dc4e3a11bacc1923645N
Size

4.8MB
Sample

240919-gmjstathkm
MD5

8126c4e7101ca615321e9a73ff179100
SHA1

809cbf787f1fdffe4b26459d34c4b541a26ccf4d
SHA256

5d2632675a842d2ff367dd336a5ae3ea030af615ae614dc4e3a11bacc1923645
SHA512

077d780e8fb751cecd1054834fd6f8999abdc5a0058f8169a34a68fe9d47b7f1cdd1630f5a44d88aff1fd8d0c90777babc353d8fd888b3893f174522768cf121
SSDEEP

49152:yqj00f62wSvIu8kyyOiIBQoKHnHuB1UAjwqbMVaydWfOHSCyN78/NW6g/yjKj63e:yieSvLy0IKoKHHIMz15bN84s

Score

6^/10

defense_evasion execution

Malware Config

Targets

- Target
  
  5d2632675a842d2ff367dd336a5ae3ea030af615ae614dc4e3a11bacc1923645N
- Size
  
  4.8MB
- MD5
  
  8126c4e7101ca615321e9a73ff179100
- SHA1
  
  809cbf787f1fdffe4b26459d34c4b541a26ccf4d
- SHA256
  
  5d2632675a842d2ff367dd336a5ae3ea030af615ae614dc4e3a11bacc1923645
- SHA512
  
  077d780e8fb751cecd1054834fd6f8999abdc5a0058f8169a34a68fe9d47b7f1cdd1630f5a44d88aff1fd8d0c90777babc353d8fd888b3893f174522768cf121
- SSDEEP
  
  49152:yqj00f62wSvIu8kyyOiIBQoKHnHuB1UAjwqbMVaydWfOHSCyN78/NW6g/yjKj63e:yieSvLy0IKoKHHIMz15bN84s
Score

6^/10

defense_evasion execution
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Ignore Process Interrupts

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

defense_evasionexecution