15f01cf888792f4f3c3124b6e65a615342c7c8b9788941947f8131f3786a499c | Triage

Submit
Reports

Overview

overview

8

Static

static

8

meu.agenda...0e.msi

windows7_x64

8

meu.agenda...0e.msi

windows10_x64

8

Sharing

General

Target

meu.agendamento28765768 zwrgikqa mcsh0e.msi
Size

269KB
Sample

210726-btzma2r35j
MD5

0a6e3cafaf5cb2656e56be4440d06662
SHA1

01a311c11f47d5b85de8e05dfd3fc59f3b4e12ad
SHA256

15f01cf888792f4f3c3124b6e65a615342c7c8b9788941947f8131f3786a499c
SHA512

e14201a00dfefe8becb294d48c452dcabe74acde46dba0af6c82c315d8ed5f3a616c31fd26bb5473ccfd80985c317324152bc8f813c58a534b141c49e414b12d

Score

8^/10

macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

meu.agendamento28765768 zwrgikqa mcsh0e.msi

Resource

win7v20210408

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

meu.agendamento28765768 zwrgikqa mcsh0e.msi

Resource

win10v20210408

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  meu.agendamento28765768 zwrgikqa mcsh0e.msi
- Size
  
  269KB
- MD5
  
  0a6e3cafaf5cb2656e56be4440d06662
- SHA1
  
  01a311c11f47d5b85de8e05dfd3fc59f3b4e12ad
- SHA256
  
  15f01cf888792f4f3c3124b6e65a615342c7c8b9788941947f8131f3786a499c
- SHA512
  
  e14201a00dfefe8becb294d48c452dcabe74acde46dba0af6c82c315d8ed5f3a616c31fd26bb5473ccfd80985c317324152bc8f813c58a534b141c49e414b12d
Score

8^/10
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy