General

  • Target

    0329fb0b86a0f542c95c6405d5cb8e78.msi

  • Size

    4.0MB

  • Sample

    211217-lpx6faebfk

  • MD5

    0329fb0b86a0f542c95c6405d5cb8e78

  • SHA1

    1871d26fb53a65d99bb72819e0069804cebe3443

  • SHA256

    0b9d503e19f5555e2f2d13d629f9ba95f33a1317a1cc38d54daf176f52827d3c

  • SHA512

    b156c3c65da4ab00835f1d727e4da41e0e965f64da4a2f7eb1fe7a9025791daab4e931dfb36a834cb277c756f8f5d2addd78ef606e091e0594d78c92d5de31df

Malware Config

Extracted

Family

latam_generic_downloader

C2

http://ec2-18-228-11-80.sa-east-1.compute.amazonaws.com/TES/M98867567576756U6U6U67.zip

Targets

    • Target

      0329fb0b86a0f542c95c6405d5cb8e78.msi

    • Size

      4.0MB

    • MD5

      0329fb0b86a0f542c95c6405d5cb8e78

    • SHA1

      1871d26fb53a65d99bb72819e0069804cebe3443

    • SHA256

      0b9d503e19f5555e2f2d13d629f9ba95f33a1317a1cc38d54daf176f52827d3c

    • SHA512

      b156c3c65da4ab00835f1d727e4da41e0e965f64da4a2f7eb1fe7a9025791daab4e931dfb36a834cb277c756f8f5d2addd78ef606e091e0594d78c92d5de31df

    Score
    8/10
    • Blocklisted process makes network request

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v6

Tasks