General
-
Target
load.msi
-
Size
4.0MB
-
Sample
220113-tbxlrabcc5
-
MD5
84a654e89c30bf453beecaafb694f6a9
-
SHA1
40ead07a0b5079314cfb2811d425e0370f6b6715
-
SHA256
5fe0bcefbfd86e01e6fd17a2009f2e9ebaf041e9ecf7ce3c83603a74ad440d53
-
SHA512
3e8b1e228d9e46c1fbb3639c5c71a6d790f51696160c11252906ddefe31db6668c687937fb6fd9f4bbbcadcf0c7357b03dc64299f7f36447279943c1e1f6914f
Static task
static1
Behavioral task
behavioral1
Sample
load.msi
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
load.msi
Resource
win10-en-20211208
Malware Config
Extracted
latam_generic_downloader
http://ec2-54-146-131-144.compute-1.amazonaws.com/SAGA/AQ345454RTE5WE5467588.zip
Targets
-
-
Target
load.msi
-
Size
4.0MB
-
MD5
84a654e89c30bf453beecaafb694f6a9
-
SHA1
40ead07a0b5079314cfb2811d425e0370f6b6715
-
SHA256
5fe0bcefbfd86e01e6fd17a2009f2e9ebaf041e9ecf7ce3c83603a74ad440d53
-
SHA512
3e8b1e228d9e46c1fbb3639c5c71a6d790f51696160c11252906ddefe31db6668c687937fb6fd9f4bbbcadcf0c7357b03dc64299f7f36447279943c1e1f6914f
Score8/10-
Blocklisted process makes network request
-
Executes dropped EXE
-
Drops startup file
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-