Overview

overview

8

Static

static

10

16- 157903.msi

windows7_x64

8

16- 157903.msi

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    16- 157903.msi

  • Size

    264KB

  • Sample

    211116-yqdveafcg3

  • MD5

    0d259b6b894a65c264395235a3722ab7

  • SHA1

    17495dc4068697be14ea945960f967f704a92597

  • SHA256

    2dd1baf72316b8c0f6935f9e80366a35c1566432c142769482c517a0a236a80a

  • SHA512

    a878b15022e706c31ab2e445b84413512025cd0306146adfa4ce4edabdcc0a29ad822e3d5e2049da63f5a2f3767a0a18c08db7435f82d8eb7a98cb4a6ebd6c6b

Score
10/10
latam_generic_downloader

Malware Config

Extracted

Family

latam_generic_downloader

C2

http://45.77.75.21/sdump.clie

Targets

    • Target

      16- 157903.msi

    • Size

      264KB

    • MD5

      0d259b6b894a65c264395235a3722ab7

    • SHA1

      17495dc4068697be14ea945960f967f704a92597

    • SHA256

      2dd1baf72316b8c0f6935f9e80366a35c1566432c142769482c517a0a236a80a

    • SHA512

      a878b15022e706c31ab2e445b84413512025cd0306146adfa4ce4edabdcc0a29ad822e3d5e2049da63f5a2f3767a0a18c08db7435f82d8eb7a98cb4a6ebd6c6b

    Score
    8/10

    • Blocklisted process makes network request

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks