General
-
Target
VMware-workstation-full-15.5.7-17171714.exe
-
Size
552.3MB
-
Sample
220924-3zwtssdgej
-
MD5
8cb641951abb0f144d2967e56aa45a5b
-
SHA1
f8354f02fbd3c22a83c2beeacba366bd6b522364
-
SHA256
5833799ba0c3ec8b315be3b0d7f3121ff28f4b33b3c60b31f80208fffb158d96
-
SHA512
1154bd92b355032b089b9ba9b0da59e2e5d22cb2a52965645a64e15cf0c2c1c79299e0ac2e095b2eaee659c6362b32648d8ef7d4fbe533e15d4fd0e7021f666a
-
SSDEEP
12582912:1jToh1OTFYBRVxu2xcYuMteZmNA3rzf7zcD6zPDe04De0SUr:1forOTi/IYuMteZ6crzf7zcD6zPDe04z
Malware Config
Targets
-
-
Target
VMware-workstation-full-15.5.7-17171714.exe
-
Size
552.3MB
-
MD5
8cb641951abb0f144d2967e56aa45a5b
-
SHA1
f8354f02fbd3c22a83c2beeacba366bd6b522364
-
SHA256
5833799ba0c3ec8b315be3b0d7f3121ff28f4b33b3c60b31f80208fffb158d96
-
SHA512
1154bd92b355032b089b9ba9b0da59e2e5d22cb2a52965645a64e15cf0c2c1c79299e0ac2e095b2eaee659c6362b32648d8ef7d4fbe533e15d4fd0e7021f666a
-
SSDEEP
12582912:1jToh1OTFYBRVxu2xcYuMteZmNA3rzf7zcD6zPDe04De0SUr:1forOTi/IYuMteZ6crzf7zcD6zPDe04z
Score9/10-
Detect jar appended to MSI
-
Executes dropped EXE
-
Looks for VMWare Tools registry key
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-