150e840ab06195a5a3f76d2ad5e3e9e8f14377e59768b1d1341e5b7252965b7c | Triage

Sharing

General

Target

ur.msi
Size

36KB
Sample

221219-yyfc7sga32
MD5

9a1115c0263cbff5a5c87704cc19cf5f
SHA1

edf00643da4ada350456342a9b095674a710297f
SHA256

150e840ab06195a5a3f76d2ad5e3e9e8f14377e59768b1d1341e5b7252965b7c
SHA512

1c1cc7c5906fd478e2fbc21b7b5b45be1e57dda16a6bfa1706535f37632cf447136785d510b2a8dd0a4b14de61e7484124f041ee94a238b67f45daf7494947f4
SSDEEP

384:HmcA548B8Ty+gX4Hby3M5koXbGWv0m8V4x5Pey3M5sC0Loj8H:4z+HWMxGLweWMmC

Score

8^/10

Malware Config

Targets

- Target
  
  ur.msi
- Size
  
  36KB
- MD5
  
  9a1115c0263cbff5a5c87704cc19cf5f
- SHA1
  
  edf00643da4ada350456342a9b095674a710297f
- SHA256
  
  150e840ab06195a5a3f76d2ad5e3e9e8f14377e59768b1d1341e5b7252965b7c
- SHA512
  
  1c1cc7c5906fd478e2fbc21b7b5b45be1e57dda16a6bfa1706535f37632cf447136785d510b2a8dd0a4b14de61e7484124f041ee94a238b67f45daf7494947f4
- SSDEEP
  
  384:HmcA548B8Ty+gX4Hby3M5koXbGWv0m8V4x5Pey3M5sC0Loj8H:4z+HWMxGLweWMmC
Score

8^/10
- Blocklisted process makes network request
- Drops startup file
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2