c15e120dfea1fca3070849493fa9ea261ebf283707de01f2317537644ad7721c | Triage

Sharing

General

Target

c15e120dfea1fca3070849493fa9ea261ebf283707de01f2317537644ad7721c
Size

2.2MB
Sample

241005-2x5hgsvgpr
MD5

b60a10275620c4c09fbbeb5be08ea6a8
SHA1

ccba439dd06950dca64a5693f9681a3697b4f938
SHA256

c15e120dfea1fca3070849493fa9ea261ebf283707de01f2317537644ad7721c
SHA512

3b1d80135952dae469343a3ca6b5aa906b3b414a85530b042d8e3b83f65df64bc961f46c3a22f565a25fe7ca7c8b782b44c0d731d88010d71691f895486b64a4
SSDEEP

49152:BuVKxN4cwZHE3akeSJXMOMsJgYT94pKl/Bk+MAT3gXmdAoErdnr2fO5v:BuV24JSJXMOTg694pQ/q+bPAXr5rxv

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  56150033.exe
- Size
  
  2.6MB
- MD5
  
  1e920633f69873d0a17572e035c3705d
- SHA1
  
  a45d913c71c79186e2fd60902177f82fd2ef6fdf
- SHA256
  
  5fc6d8ccc2bc6839c99ee4fee20050c488494d0f54ff64330380e928fa1ab9a3
- SHA512
  
  351578607b0504ed7d735fabc999f6d320cc571fe55e7ca721a4187976367ea93772e60ff5181451271189b8284351022c1bcab2735bb8510a17ff8d58f1c159
- SSDEEP
  
  49152:KzTzTzTzTzTzTzTzTzTzTzTzTzTzTzTz:MHHHHHHHHHHHHHHH
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2