General

  • Target

    setup_pstmafm44x_20220402_Beta.exe

  • Size

    28MB

  • Sample

    230125-msxvhsfg59

  • MD5

    153d9212e049fa053d2337de207f169f

  • SHA1

    8c8b0692d48c3bc8ede9f426993f283943c79537

  • SHA256

    2e5f727b95527d3320a50400c48bec4208dd10f39776e667fccfc943287f27ff

  • SHA512

    daa6a6e39824ded9cbc716ac2aa734c7be124fbfb1156ed03818b9d7891d7cbf7685c73f82cdf82f0812ae9f64d0f1da89523dc5060f589da04b06ef8230d6a0

  • SSDEEP

    786432:iliap7IQWxhhh+3vLccvBG7yadtUlkiYno6RgzQCTyr0satP8:iliaBEhhh+3vNvBGyeGk5o6i0Ayr0sY0

Malware Config

Targets

    • Target

      setup_pstmafm44x_20220402_Beta.exe

    • Executes dropped EXE

    • Registers COM server for autorun

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Matrix

    • Collection
    • Command and Control
    • Credential Access
    • Defense Evasion
    • Execution
    • Exfiltration
    • Impact
    • Initial Access
    • Lateral Movement
    • Privilege Escalation
