Overview

overview

8

Static

static

1

WindowTabs.msi

windows10-1703-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    WindowTabs.msi

  • Size

    1MB

  • Sample

    230319-ck9h8see35

  • MD5

    9b1cdae7f77f7654d673825d8b9e7a4b

  • SHA1

    0d367c2cbe369551f58ea07edef9499e06acfb1c

  • SHA256

    539c6c6affd63fe25f28af14dd946f01cc9181748a047602db33aa971df9ddde

  • SHA512

    b2e633f9951a148b80190e3810aa37271dbee3c413c62ef8cebf2a10479ee849aa830e4726b8f7722a27d5f8d344a50f84d536751090aa92efed7601d047d4a6

  • SSDEEP

    24576:0nr3Nn7BjlpOu3sB0p2DD7+Jm8R0IjiG82gQrgUoAdUVSGQch:0nr3Nn7Bxwu8BjKFRzjvIwg0dGQ2

Score
8/10

Malware Config

Targets

    • Target

      WindowTabs.msi

    • Size

      1MB

    • MD5

      9b1cdae7f77f7654d673825d8b9e7a4b

    • SHA1

      0d367c2cbe369551f58ea07edef9499e06acfb1c

    • SHA256

      539c6c6affd63fe25f28af14dd946f01cc9181748a047602db33aa971df9ddde

    • SHA512

      b2e633f9951a148b80190e3810aa37271dbee3c413c62ef8cebf2a10479ee849aa830e4726b8f7722a27d5f8d344a50f84d536751090aa92efed7601d047d4a6

    • SSDEEP

      24576:0nr3Nn7BjlpOu3sB0p2DD7+Jm8R0IjiG82gQrgUoAdUVSGQch:0nr3Nn7Bxwu8BjKFRzjvIwg0dGQ2

    Score
    8/10

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Query Registry

4
T1012

System Information Discovery

4
T1082

Peripheral Device Discovery

2
T1120

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks