General

  • Target

    3f9a7292c3b4837477ef5d8181fae11e827753a575f0ee852546fe64c79389ab

  • Size

    639KB

  • Sample

    220213-mttt9ahaa2

  • MD5

    e007150906487c162a47e2ed102460e3

  • SHA1

    19f4b3d82646e0872504d7862b0b01e3dc5822b8

  • SHA256

    3f9a7292c3b4837477ef5d8181fae11e827753a575f0ee852546fe64c79389ab

  • SHA512

    7b14161d8cf731da5a580f479bc358183b91658717cefe4b76e1b89028eae2a633e3254b075597dc43d92d20e008fe36007b70409dbec95ce3749e52020a357f

Malware Config

Extracted

Family

latam_generic_downloader

C2

https://s3-eu-west-1.amazonaws.com/disenyrt3/image2.png

Targets

    • Target

      3f9a7292c3b4837477ef5d8181fae11e827753a575f0ee852546fe64c79389ab

    Score: 8/10

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
