General

  • Target

    DOC-49B8OP200.msi

  • Size

    1015KB

  • Sample

    210113-s1va3qpmte

  • MD5

    472a5b55e3ffd9c7e3f3b355bf7cae40

  • SHA1

    cf26c9f79529c897cd76fec9270d4ead9c235aa1

  • SHA256

    a54fe8044d12684b941ada860b515252623e9ddc1ae880ad370320fc0c2d5947

  • SHA512

    e7ce58cce7c899afde04f1f47cd78283edcb876d5bbb70c2dd9b03df9be6bc14abec3066968e5d4e8ceefe656ebf99cd04ab0da61be8a33ecc4ef06bda2b9a5f

Score
8/10

Targets

    • Target

      DOC-49B8OP200.msi

    Score
    8/10
    • Blocklisted process makes network request

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
