General

  • Target

    e9c0fcf1b6dc4b895ed5ad5c4a6f3aeed343055584f7be6a478f525a27a56d8d.msi

  • Size

    4.0MB

  • Sample

    220111-z3xnqahcg6

  • MD5

    9c29559b0910132668be272b7228fb5b

  • SHA1

    57f3e22aba505bcc671d6b1ac54068c0cdead4b0

  • SHA256

    e9c0fcf1b6dc4b895ed5ad5c4a6f3aeed343055584f7be6a478f525a27a56d8d

  • SHA512

    143392c71a7cd435e454b79bdcb89c2388a6462111f87bac9118e2189792be24b9bd768f28a5d47042f1e984e133e83d8fc2e0f5dc65746e6a248f482814efde

Malware Config

Extracted

Family

latam_generic_downloader

C2

http://ec2-52-67-194-250.sa-east-1.compute.amazonaws.com/LG/A345465YTYEU5Y6876876898O8O0.zip
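The C2 above is an EC2 public DNS name, and such names embed the instance's public IPv4 address and region (ec2-A-B-C-D.<region>.compute.amazonaws.com, or ec2-A-B-C-D.compute-1.amazonaws.com for us-east-1). The following is an added example, not part of the sandbox report, that turns the recorded URL into blocklist-ready indicators: the host, the IP and region recovered from the hostname, and a defanged copy for tickets. The constant C2_URL is copied from the report; everything else is helper code written for this page.

```python
import ipaddress
import re
from urllib.parse import urlparse

# C2 URL exactly as recorded in the report above.
C2_URL = "http://ec2-52-67-194-250.sa-east-1.compute.amazonaws.com/LG/A345465YTYEU5Y6876876898O8O0.zip"

# EC2 public DNS layouts: ec2-A-B-C-D.<region>.compute.amazonaws.com for most
# regions, ec2-A-B-C-D.compute-1.amazonaws.com for us-east-1.
_EC2_DNS = re.compile(
    r"^ec2-(\d{1,3})-(\d{1,3})-(\d{1,3})-(\d{1,3})\."
    r"(?:(?P<region>[a-z]{2}(?:-gov)?-[a-z]+-\d)\.compute|compute-1)\.amazonaws\.com$"
)


def ec2_hostname_to_ip(hostname):
    """Return (ipv4, region) for an EC2 public DNS name, or None if it is not one."""
    m = _EC2_DNS.match(hostname.lower().rstrip("."))
    if not m:
        return None
    try:
        ip = ipaddress.IPv4Address(".".join(m.group(1, 2, 3, 4)))  # rejects octets > 255
    except ValueError:
        return None
    region = m.group("region") or "us-east-1"
    return str(ip), region


def defang(url):
    """Neutralise a URL for reports: hxxp(s):// and [.] in the host part only."""
    scheme, rest = url.split("://", 1)
    host, _, path = rest.partition("/")
    return f"{scheme.replace('tt', 'xx')}://{host.replace('.', '[.]')}/{path}"


def extract_indicators(url):
    """Build the indicator set a blocklist or ticket would carry for a C2 URL."""
    p = urlparse(url)
    host = p.hostname or ""
    ind = {"url": url, "host": host, "path": p.path, "defanged": defang(url)}
    ec2 = ec2_hostname_to_ip(host)
    if ec2:
        ind["ip"], ind["region"] = ec2
    return ind


if __name__ == "__main__":
    for key, value in extract_indicators(C2_URL).items():
        print(f"{key:9} {value}")
```

The recovered IP is the address the instance had when the DNS name was issued; EC2 public addresses are released when an instance stops, so block the hostname and URL path as well as the IP, and expect the address to be reassigned to an unrelated tenant over time.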

Targets

    • Target

      e9c0fcf1b6dc4b895ed5ad5c4a6f3aeed343055584f7be6a478f525a27a56d8d.msi

    Score
    8/10
    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open-source packer.

    • Drops startup file

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix (ATT&CK v6)

    Tactic                 Technique                      Count  ID
    Execution              Scheduled Task                 1      T1053
    Persistence            Scheduled Task                 1      T1053
    Privilege Escalation   Scheduled Task                 1      T1053
    Discovery              Query Registry                 1      T1012
    Discovery              Peripheral Device Discovery    1      T1120
    Discovery              System Information Discovery   2      T1082

Tasks