General
Target: 0329fb0b86a0f542c95c6405d5cb8e78.msi
Size: 4.0MB
Sample: 211217-lpx6faebfk
MD5: 0329fb0b86a0f542c95c6405d5cb8e78
SHA1: 1871d26fb53a65d99bb72819e0069804cebe3443
SHA256: 0b9d503e19f5555e2f2d13d629f9ba95f33a1317a1cc38d54daf176f52827d3c
SHA512: b156c3c65da4ab00835f1d727e4da41e0e965f64da4a2f7eb1fe7a9025791daab4e931dfb36a834cb277c756f8f5d2addd78ef606e091e0594d78c92d5de31df
Static task: static1
Behavioral task: behavioral1
Sample: 0329fb0b86a0f542c95c6405d5cb8e78.msi
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0329fb0b86a0f542c95c6405d5cb8e78.msi
Resource: win10-en-20211208
Malware Config
Extracted
latam_generic_downloader
http://ec2-18-228-11-80.sa-east-1.compute.amazonaws.com/TES/M98867567576756U6U6U67.zip
Targets
Target: 0329fb0b86a0f542c95c6405d5cb8e78.msi
Score: 8/10
Blocklisted process makes network request
Executes dropped EXE
Drops startup file
Loads dropped DLL
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.