latam_generic_downloader | 36417eb2ecdbb537b9679f959a8ab356e954f1a1ae200a360f7fed963c8d04e2 | Triage

Submit
Reports

Overview

overview

8

Static

static

73f1227353...fa.msi

windows7_x64

8

73f1227353...fa.msi

windows10_x64

8

Sharing

General

Target

73f1227353bf94e9e829088b81cd25fa
Size

263KB
Sample

210930-ss3nnaaae9
MD5

73f1227353bf94e9e829088b81cd25fa
SHA1

3d7412f2aae4e578712a19fedd5994aab0afee52
SHA256

36417eb2ecdbb537b9679f959a8ab356e954f1a1ae200a360f7fed963c8d04e2
SHA512

604be82de36114922a62d1661a537a2a8023fb354ff41a682a843106f622a688063e78deffda52f0de1a76fc115ccab954fdf6a4250ff43aaa654e13c1b844b1

Score

10^/10

latam_generic_downloader persistence

Static task

static1

latam_generic_downloader

Behavioral task

behavioral1

Sample

73f1227353bf94e9e829088b81cd25fa.msi

Resource

win7v20210408

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

73f1227353bf94e9e829088b81cd25fa.msi

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

latam_generic_downloader

C2

https://fmwaretzb.s3.sa-east-1.amazonaws.com/smart.max

Targets

- Target
  
  73f1227353bf94e9e829088b81cd25fa
- Size
  
  263KB
- MD5
  
  73f1227353bf94e9e829088b81cd25fa
- SHA1
  
  3d7412f2aae4e578712a19fedd5994aab0afee52
- SHA256
  
  36417eb2ecdbb537b9679f959a8ab356e954f1a1ae200a360f7fed963c8d04e2
- SHA512
  
  604be82de36114922a62d1661a537a2a8023fb354ff41a682a843106f622a688063e78deffda52f0de1a76fc115ccab954fdf6a4250ff43aaa654e13c1b844b1
Score

8^/10

persistence
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

latam_generic_downloader

behavioral1

behavioral2

© 2018-2024

Terms | Privacy