General

  • Target

    c51857627b43582a7f2995c27356717b474854716ddffabcc4ec03b0085bcc07

  • Size

    280KB

  • Sample

    220520-ffckgsafa7

  • MD5

    04e7028611b3a265f90a627f45e43721

  • SHA1

    10cc07c9d057baff07aa81e5f6c3833f8c763f8d

  • SHA256

    c51857627b43582a7f2995c27356717b474854716ddffabcc4ec03b0085bcc07

  • SHA512

    e6f39b4e3d934eae2a47e2ee382c7560e3c8852e95d2ce72ee1a6eb31e92b8e102a922638077b16f31ebdb9da92e932649f43d755627b0c5a1c45bff360b5382

Malware Config

Targets

    Score
    8/10
    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • Modify Registry (T1112): 1

Discovery

  • Query Registry (T1012): 2

  • Peripheral Device Discovery (T1120): 1

  • System Information Discovery (T1082): 3

Tasks