General

  • Target

    KeyFinderInstaller.exe

  • Size

    894KB

  • Sample

    201124-1tlhx42sns

  • MD5

    4b2139441df5fdaeda146339c7e6777e

  • SHA1

    8c07195a795889badc7759a402a6e992f96ebe1b

  • SHA256

    7ff75915724b2c6ee04d52f56d2e9ae0f45bebff8a378246fd61b8d6afece159

  • SHA512

    1d9746960c6f938121f147f8d65e1a5a641b3ff2c38edc3f4850670577a476d01d8b8f553475ac704a51ba200e7815f8b07357eb90bd6c7d5f0f899c6b56a48a

Score
8/10

Targets

    • Target

      KeyFinderInstaller.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks for any installed AV software in registry

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

Security Software Discovery

1
T1063

Query Registry

1
T1012