General

  • Target

    WMOSetup_4.1.4.116.exe

  • Size

    2.5MB

  • Sample

    221101-n25gdsbfe2

  • MD5

    4b1de52031324af30f596c2500c2716b

  • SHA1

    0d7af3836867a09bed40e59524646fd5b27929d7

  • SHA256

    6e40d297dee4e638efe0d0812f230b3bfc9f3ed7743c2e729b692c7fb9ccc013

  • SHA512

    5d6d2c254214d96d2949cc7a5634e46ab983dc9d9fb43917189d35587dc6c166d1eea6186c01664a65a07db8cacf3cd4d1572f88d44c1d64824faaac6b09e1b0

  • SSDEEP

    49152:7gBpfiwPGRL7Mg0fvztE/4xTSoArJ56fySMRE9k8niFIzyAYXijmq/mqnA:cBpfjSL7wfvztE/4xGoAd5FaWyyAYyi5

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled
