General

  • Target: windows.zip
  • Size: 1.0MB
  • Sample: 221219-ree5rsfb76
  • MD5: 8927fbc91d1c7deb965f073e7b10994f
  • SHA1: 0c2d6b42f6564a53affbe65e4341a0e694862c12
  • SHA256: a5e419804bfa9843c6ceaa7f27e4e6271d74a9e8937e76da48e99bf2beaae59a
  • SHA512: a7589487bfd540496572b95fa851a5faa69aeaab2c7c66582be6618051229a445b0e9200a6fa5244582b25bca7a4dc5b010d90f0a91028427d1b52d9adc14ea3
  • SSDEEP: 24576:0EKK7QHWdg0oLFj0vRPS+TrNEbxwsPMnTLjnde5Co7GPnCBK:7a0oLt04QEbxzMLg5d7GPCBK

Score
8/10

Targets

    • Target: ScratchLinkSetup.msi
    • Size: 2.4MB
    • MD5: bef956e8404c21d33f2a2cbf0c09eabb
    • SHA1: c53f8c24baa0a7ae8625f0623d7d078c820f827b
    • SHA256: 1bfd7723085419292bc9b36bed51c714c6b229a3eaa3aae79019ca3f5d38f980
    • SHA512: 3bea393b3eb2fb5471295a65dcd00ca98bd85f41c3f4d732fca49bcede6a26352233c823edc855bb137c2cce7dde51ee009667bb5a90d5dd20c29cb8bb0c3cb3
    • SSDEEP: 24576:NEm8LgaQDNtgwEn/UPU9HlD7ahOE2Z34KZyEgBnlHynlHzenlH:isDDgwi/BEnUIREgBdydyd

    Score
    8/10

    • Blocklisted process makes network request
    • Executes dropped EXE
    • Enumerates connected drives
      Attempts to read the root path of hard drives other than the default C: drive.
    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6