General

  • Target

    SirixStation-evotrader1.9.49680.0.msi

  • Size

    13.7MB

  • Sample

    230413-pflmtsbc34

  • MD5

    aef7577129b18c855df6db1b72734edf

  • SHA1

    0854ae6997e8d41d3307cfaf34b028d21a5b5df7

  • SHA256

    951fdeca7077063d5339170d987dd0c39d725dda906e2a8d9a9a017035ee9984

  • SHA512

    b3dcbc3ea57d02913fa95ec7783a6c7c096673f729d9db4f26972ab1cc4d5abc604c5b1c94f004212d2ac9fa1802aac4b8a7a2415c97cda3987ebbde38dd735b

  • SSDEEP

    393216:lAwcVLsFc7tFyVd4mhGkCO+HAeb7uXkxyWSespA1IKDy:lkVLsFe3YdnhPCTueaespA1IKm

Score
8/10

Malware Config

Targets

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v6

Tasks