General

  • Target

    7e37d028789ab2b47bcab159da6458da2e8198617b0e7760174e4a0eea07d9c9

  • Size

    224KB

  • Sample

    220617-gva6msdbh8

  • MD5

    6892679f8a4b438c582c9954e15acd19

  • SHA1

    546bae92165363acd3e0aaef964cc02ec2a2e67d

  • SHA256

    7e37d028789ab2b47bcab159da6458da2e8198617b0e7760174e4a0eea07d9c9

  • SHA512

    064ece5fe73a356d9078e13134288e144288bd9e9d8d06cdd72f3aaf4cc9d397b5443be67e2d07f78a282d875187a9679e19506ae580d84c9a44142da366f108

Score
10/10

Targets

    • Matanbuchus

      A loader sold as MaaS first seen in February 2021.

    • Blocklisted process makes network request

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
