General

  • Target

    test.msi

  • Size

    40.0MB

  • Sample

    220908-dxhrqaddg8

  • MD5

    40071570f238ceedb6c61e1af292cef0

  • SHA1

    0a7ebc42f2083edcf2563258a6e55281f4dab933

  • SHA256

    c8a6f804c77c03e645c77085ea7578de8b8170c737db8dee0b083515c0964ac8

  • SHA512

    158497c0d3fd83b85dd67c45c909b12913b9c88cf2896168f5f2f6bf46921017d2edfe302834087c36014b74a1986692b537dd5799728e3982fd05fc77ad4bc1

  • SSDEEP

    786432:USeuOl8/Sa93dbR7QJFyq0PbP03Eh8WyA77ahnA3NNRc5PDZJixcQ:lOl5aLFdRg3Eh85eC5PDZwx

Score
8/10

Targets

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
