General
-
Target
PAGA-TUS-MULTAS-34ed1ecf-1a2c-4d26_____________________________________________________________________85ba-ba597ff6089b.msi
-
Size
1.6MB
-
Sample
221123-qxz28aab7x
-
MD5
895d068ffb4c4ca7c8e677a051bbbaae
-
SHA1
faf3d6eedbcd49d446059c2bf1cfed6a1b9b6913
-
SHA256
687ac0a86056ab61af2e1c34b053e7d58ab19b64bab5d13b81e2e3dcab878426
-
SHA512
1877e98c58f21060ffbe9726320deb43a342f0d969164b760842f8fcbc13d7b8413e3b37434dcaaec9137514e217e7d7685a31b6eaf190425ea654d847549b11
-
SSDEEP
49152:pCyNitjVqoA5AwxDOjSETeVfb/6LYE3c9ANB:qtMJAwOjSEPYP
Malware Config
Targets
-
-
Target
PAGA-TUS-MULTAS-34ed1ecf-1a2c-4d26_____________________________________________________________________85ba-ba597ff6089b.msi
-
Size
1.6MB
-
MD5
895d068ffb4c4ca7c8e677a051bbbaae
-
SHA1
faf3d6eedbcd49d446059c2bf1cfed6a1b9b6913
-
SHA256
687ac0a86056ab61af2e1c34b053e7d58ab19b64bab5d13b81e2e3dcab878426
-
SHA512
1877e98c58f21060ffbe9726320deb43a342f0d969164b760842f8fcbc13d7b8413e3b37434dcaaec9137514e217e7d7685a31b6eaf190425ea654d847549b11
-
SSDEEP
49152:pCyNitjVqoA5AwxDOjSETeVfb/6LYE3c9ANB:qtMJAwOjSEPYP
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-