Resubmissions

30-06-2022 09:32

220630-lhz2fsbhd8 10

05-05-2022 13:14

220505-qgy5zsafhk 10

General

  • Target

    5713de.msi

  • Size

    1.0MB

  • Sample

    220630-lhz2fsbhd8

  • MD5

    b8520a4e0945ba689030685895d6bed8

  • SHA1

    ea8b828430149f67f45f9a71ee486bc674e21da7

  • SHA256

    34839e85cb8ae781654f2f9f0529114dbf21399e02bea3c9de94f6c247807e7e

  • SHA512

    f35feec25d6aa629b050c0ec3f8ac2d94887cc05eba11e7bb816aec1c60a6a5ad0f3703bd4e28a8753717b14225ea46364a518d76531e3534d6a4c4fbca2b966

Score
10/10

Targets

    Score
    10/10
    • Matanbuchus

      A loader sold as MaaS first seen in February 2021.

    • Blocklisted process makes network request

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
