Overview

overview

7

Static

static

1

s1.msi

windows7-x64

7

s1.msi

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    s1.msi

  • Size

    13.2MB

  • Sample

    230213-t9zh1adh91

  • MD5

    13a1b2521d9b2e5e8171c6fc040fa776

  • SHA1

    99be7105097d3126c8a94ee0507e51544fe0a8ef

  • SHA256

    bf387933e27d310da037dde32bf0614380b58bd51e84b7c35be7039c82f4c648

  • SHA512

    46e8948c2b8988c231bee253fe136c0743249a27ccc5249a9ec6a6eae9e46f064b4fddfb816d432b746bc01aa2157e6a67b511330fc9aae01446f4b0bf1e50a4

  • SSDEEP

    393216:gZ3hxPnY76k/vIk+xkkrPwZa1hf7L744FKhorP3kvdX:gthRWokNA1B7HswSX

Score
7/10
discovery

Malware Config

Targets

    • Target

      s1.msi

    • Size

      13.2MB

    • MD5

      13a1b2521d9b2e5e8171c6fc040fa776

    • SHA1

      99be7105097d3126c8a94ee0507e51544fe0a8ef

    • SHA256

      bf387933e27d310da037dde32bf0614380b58bd51e84b7c35be7039c82f4c648

    • SHA512

      46e8948c2b8988c231bee253fe136c0743249a27ccc5249a9ec6a6eae9e46f064b4fddfb816d432b746bc01aa2157e6a67b511330fc9aae01446f4b0bf1e50a4

    • SSDEEP

      393216:gZ3hxPnY76k/vIk+xkkrPwZa1hf7L744FKhorP3kvdX:gthRWokNA1B7HswSX

    Score
    7/10
    discovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

      discovery

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks