d2b19361c504cfbf90c6733c17a12f89928b14c12787a4df0da619dbd90facdf | Triage

Submit
Reports

Overview

overview

8

Static

static

airshipper...ws.msi

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

airshipper-windows.msi
Size

13.9MB
Sample

230108-n9sskade32
MD5

b30f858a333b468f768bc70db6cf4cc9
SHA1

881326e777a537c78bd4f02e1996f48d684e3e21
SHA256

d2b19361c504cfbf90c6733c17a12f89928b14c12787a4df0da619dbd90facdf
SHA512

ec2dd4886565df60a7fae85be8214fe495c9f5078fb46d227b654745bbea7abfe113f2aa3ab99dc0136e50bd7d5344909c36204f2aa6ab188341ce856fae73cd
SSDEEP

196608:Y1L/961cSEfDtbauOHiR5kFoRZ7hpBeppZU21WQfvHNVsc0EstM95ak8:OJUwUuid6Zp4DZUr4H/sssC9Uk

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

airshipper-windows.msi

Resource

win10v2004-20220812-es

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  airshipper-windows.msi
- Size
  
  13.9MB
- MD5
  
  b30f858a333b468f768bc70db6cf4cc9
- SHA1
  
  881326e777a537c78bd4f02e1996f48d684e3e21
- SHA256
  
  d2b19361c504cfbf90c6733c17a12f89928b14c12787a4df0da619dbd90facdf
- SHA512
  
  ec2dd4886565df60a7fae85be8214fe495c9f5078fb46d227b654745bbea7abfe113f2aa3ab99dc0136e50bd7d5344909c36204f2aa6ab188341ce856fae73cd
- SSDEEP
  
  196608:Y1L/961cSEfDtbauOHiR5kFoRZ7hpBeppZU21WQfvHNVsc0EstM95ak8:OJUwUuid6Zp4DZUr4H/sssC9Uk
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy