General

  • Target

    DRTO10179793.msi

  • Size

    3.3MB

  • Sample

    230103-swbpcabg77

  • MD5

    32c752eed98197d9d401a1054bd39009

  • SHA1

    55371da49cc341e585735c2616c26676c8a95a56

  • SHA256

    03e6328bcd5a3e48de00c5512d47d2e11c652348aad299d118e9063142d8aff0

  • SHA512

    82cb48d02e0660d995a63ad37cab022d5972ccd61bb4cc1e608687fd08556d27817128fde8303e5838306bb8d547bd7fa9106ab6c4d8fcaaa2a36ff12dade98e

  • SSDEEP

    49152:EiDxGSFVtaNXAZK8tKk5ojmrhCMz5vk3ukDln/hFRFNUEekBZWsRkn4frUMXjDtc:dxMXA9Kknz5vquVsRe4frUMXjTY

Score
8/10

Targets

    • Target

      DRTO10179793.msi

    • Size

      3.3MB

    Score
    8/10
    • Blocklisted process makes network request

    • Drops startup file

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
