General

  • Target

    load.msi

  • Size

    4.0MB

  • Sample

    220113-tbxlrabcc5

  • MD5

    84a654e89c30bf453beecaafb694f6a9

  • SHA1

    40ead07a0b5079314cfb2811d425e0370f6b6715

  • SHA256

    5fe0bcefbfd86e01e6fd17a2009f2e9ebaf041e9ecf7ce3c83603a74ad440d53

  • SHA512

    3e8b1e228d9e46c1fbb3639c5c71a6d790f51696160c11252906ddefe31db6668c687937fb6fd9f4bbbcadcf0c7357b03dc64299f7f36447279943c1e1f6914f

Malware Config

Extracted

Family

latam_generic_downloader

C2

http://ec2-54-146-131-144.compute-1.amazonaws.com/SAGA/AQ345454RTE5WE5467588.zip

Targets

    • Target

      load.msi

    • Size

      4.0MB

    • MD5

      84a654e89c30bf453beecaafb694f6a9

    • SHA1

      40ead07a0b5079314cfb2811d425e0370f6b6715

    • SHA256

      5fe0bcefbfd86e01e6fd17a2009f2e9ebaf041e9ecf7ce3c83603a74ad440d53

    • SHA512

      3e8b1e228d9e46c1fbb3639c5c71a6d790f51696160c11252906ddefe31db6668c687937fb6fd9f4bbbcadcf0c7357b03dc64299f7f36447279943c1e1f6914f

    Score
    8/10
    • Blocklisted process makes network request

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v6

Tasks