Resubmissions

29-09-2022 12:34

220929-pr4b1sagd2 8

29-09-2022 12:29

220929-ppb5raagb2 8

General

  • Target

    Suricata-6.0.6-1-64bit.msi

  • Size

    22.6MB

  • Sample

    220929-pr4b1sagd2

  • MD5

    8b9258c77ca6bebff5a0cbf116c02129

  • SHA1

    750ecdf0c3d3b63ae0f5d3f753731345e59caedc

  • SHA256

    ce545bb7539dd09990bc9cf9d8a78492124d6a132f9d86d0b5fa60c0ae4186b2

  • SHA512

    cd1a0847d70497c4abe2a7d538d0b13461806250340158677c9f5de9258ef99ec625c5366a853a05d8809dcb7c1dd616c2cdcb249a25fb20bfcd995198f69219

  • SSDEEP

    393216:Zv+Pjv1e3OWSr1hE0UElR69nfSbkC5ZUnD8+2QZpmRuqzQbtitLPEjTJ1YkfFnJt:ZAsOWn+6UhZM8+Bm4qzQpUbKT6

Score
8/10

Malware Config

Targets

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix ATT&CK v6

Discovery

  • T1012 Query Registry (2)

  • T1120 Peripheral Device Discovery (2)

  • T1082 System Information Discovery (2)

Tasks