General
Target: Proc.Eeletronico80rdgkj4 qoz4br.msi
Size: 4.0MB
Sample: 211123-qp4ensdch9
MD5: 1321ee6809d5368dc9ec125e04bc4cf8
SHA1: f1c0503e18eba4af77c5e637b38f2cf323e6c2bc
SHA256: c8c447eabc388282ef6ee8678cce4aa65557bf557a936109485648fd217baae8
SHA512: c348633687ec45a8c6a82fb7339ceb54bcc7c7448108841d4c4aa54ab15de582dd4b2b981ce76c743dd6d3f5ceaf96491cf2a9065df3439aafd33d1398900597
Static task: static1
Behavioral task: behavioral1
Sample: Proc.Eeletronico80rdgkj4 qoz4br.msi
Resource: win7-en-20211104
Behavioral task: behavioral2
Sample: Proc.Eeletronico80rdgkj4 qoz4br.msi
Resource: win10-en-20211014
Malware Config
Extracted
latam_generic_downloader
https://jridicaopyxxxqrcgold.com/M1/ABGSGDEY4754657588V.zip
Targets
Target: Proc.Eeletronico80rdgkj4 qoz4br.msi
Score: 8/10
Blocklisted process makes network request
Executes dropped EXE
Drops startup file
Loads dropped DLL
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.