latam_generic_downloader | 5fe0bcefbfd86e01e6fd17a2009f2e9ebaf041e9ecf7ce3c83603a74ad440d53 | Triage

Submit
Reports

Overview

overview

Static

static

5fe0bcefbf...53.msi

windows7_x64

8

5fe0bcefbf...53.msi

windows10_x64

8

Sharing

General

Target

5fe0bcefbfd86e01e6fd17a2009f2e9ebaf041e9ecf7ce3c83603a74ad440d53.msi
Size

4.0MB
Sample

220113-snp7rsbag4
MD5

84a654e89c30bf453beecaafb694f6a9
SHA1

40ead07a0b5079314cfb2811d425e0370f6b6715
SHA256

5fe0bcefbfd86e01e6fd17a2009f2e9ebaf041e9ecf7ce3c83603a74ad440d53
SHA512

3e8b1e228d9e46c1fbb3639c5c71a6d790f51696160c11252906ddefe31db6668c687937fb6fd9f4bbbcadcf0c7357b03dc64299f7f36447279943c1e1f6914f

Score

10^/10

latam_generic_downloader

Static task

static1

latam_generic_downloader

Behavioral task

behavioral1

Sample

5fe0bcefbfd86e01e6fd17a2009f2e9ebaf041e9ecf7ce3c83603a74ad440d53.msi

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5fe0bcefbfd86e01e6fd17a2009f2e9ebaf041e9ecf7ce3c83603a74ad440d53.msi

Resource

win10-en-20211208

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

latam_generic_downloader

C2

http://ec2-54-146-131-144.compute-1.amazonaws.com/SAGA/AQ345454RTE5WE5467588.zip

Targets

- Target
  
  5fe0bcefbfd86e01e6fd17a2009f2e9ebaf041e9ecf7ce3c83603a74ad440d53.msi
- Size
  
  4.0MB
- MD5
  
  84a654e89c30bf453beecaafb694f6a9
- SHA1
  
  40ead07a0b5079314cfb2811d425e0370f6b6715
- SHA256
  
  5fe0bcefbfd86e01e6fd17a2009f2e9ebaf041e9ecf7ce3c83603a74ad440d53
- SHA512
  
  3e8b1e228d9e46c1fbb3639c5c71a6d790f51696160c11252906ddefe31db6668c687937fb6fd9f4bbbcadcf0c7357b03dc64299f7f36447279943c1e1f6914f
Score

8^/10
- Blocklisted process makes network request
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

latam_generic_downloader

behavioral1

behavioral2

© 2018-2024

Terms | Privacy