fee633634ddcd2c568619df14099bde7de010ab7a31c6a683c366b9957f19530 | Triage

Sharing

General

Target

file.msi
Size

2.2MB
Sample

221202-xrchaseb52
MD5

4c4fd324221460698be179ed4b95707e
SHA1

94d65f66c2c825d647b313704aed76ae22f58907
SHA256

fee633634ddcd2c568619df14099bde7de010ab7a31c6a683c366b9957f19530
SHA512

3f0220e0eb94f1cab246063ee757267c8c5a7120d719c460ebcfd64507a008a7810ae9d37e9d3129f4e531746d0a37c10628c9e73acbb11ebb4732b55085614e
SSDEEP

49152:I2cy7PWnqSo21UEISKZwtjDnTHwzlEkCWSVKob/3/0:I2rP30UEIpZaDTQGkj6b/8

Score

8^/10

Malware Config

Targets

- Target
  
  file.msi
- Size
  
  2.2MB
- MD5
  
  4c4fd324221460698be179ed4b95707e
- SHA1
  
  94d65f66c2c825d647b313704aed76ae22f58907
- SHA256
  
  fee633634ddcd2c568619df14099bde7de010ab7a31c6a683c366b9957f19530
- SHA512
  
  3f0220e0eb94f1cab246063ee757267c8c5a7120d719c460ebcfd64507a008a7810ae9d37e9d3129f4e531746d0a37c10628c9e73acbb11ebb4732b55085614e
- SSDEEP
  
  49152:I2cy7PWnqSo21UEISKZwtjDnTHwzlEkCWSVKob/3/0:I2rP30UEIpZaDTQGkj6b/8
Score

8^/10
- Blocklisted process makes network request
- Executes dropped EXE
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2