e32c37cc44d1cc836046a6c9a9c185c2be3aeff102704a1aa98054a4a99bed4c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Amazon+WorkSpaces.msi
Size

351.9MB
Sample

230202-smnbsadd2s
MD5

a62da18638e1117ae81bcb3549395851
SHA1

bde51c90644131cfa04c089d80adccfce4dee949
SHA256

e32c37cc44d1cc836046a6c9a9c185c2be3aeff102704a1aa98054a4a99bed4c
SHA512

ac06fef19c6c49ddddab92f27d5645446b7ce32d5a0bc4b84103ea96a27ddeb94aed0c5227d3a56082b06475cfbf6ca91dc299d2f82c025cd6c70bdc7a15fd34
SSDEEP

6291456:k+aKWldpt8qkgq33KJl2ZarRt3OE8iqGqAz2bFpg2/Mq97QC2ksMSvt9UPsH4jAv:k+Qldpt88q30l28z2GpCbjpMq9bkIUHZ

Score

8^/10

Malware Config

Targets

- Target
  
  Amazon+WorkSpaces.msi
- Size
  
  351.9MB
- MD5
  
  a62da18638e1117ae81bcb3549395851
- SHA1
  
  bde51c90644131cfa04c089d80adccfce4dee949
- SHA256
  
  e32c37cc44d1cc836046a6c9a9c185c2be3aeff102704a1aa98054a4a99bed4c
- SHA512
  
  ac06fef19c6c49ddddab92f27d5645446b7ce32d5a0bc4b84103ea96a27ddeb94aed0c5227d3a56082b06475cfbf6ca91dc299d2f82c025cd6c70bdc7a15fd34
- SSDEEP
  
  6291456:k+aKWldpt8qkgq33KJl2ZarRt3OE8iqGqAz2bFpg2/Mq97QC2ksMSvt9UPsH4jAv:k+Qldpt88q30l28z2GpCbjpMq9bkIUHZ
Score

8^/10
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2