hxxp://go[.]microsoft[.]com/fwlink/?prd=11324&pver=4[.]5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=Squirrel[.]exe&platform=0009&osver=7&isServer=0&shimver=4[.]0[.]30319[.]0

General

Target

http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=Squirrel.exe&platform=0009&osver=7&isServer=0&shimver=4.0.30319.0
Sample

230324-agpzbada4t

Score

5^/10

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact