5c65169a0f859006aff88449c19d1d2b1d6ac945206c108c88d98c6cae1486c2 | Triage

Sharing

General

Target

Arm_001824166751_373861779141603786019168618121690839645.msi
Size

829KB
Sample

230525-vxkprabd96
MD5

29dd3123671e78c1c5a72f45768b80ee
SHA1

48ece59a018b836ff3f32b7f4666d9589ba5805c
SHA256

5c65169a0f859006aff88449c19d1d2b1d6ac945206c108c88d98c6cae1486c2
SHA512

44f347a5209b626a1f430c6f5f0d5214d4b4703248d957d057aadf711c0a4b88c9221c3c5a69dac9bc08cc5e534c0d15cf40dcf0cd04418daee31576900e7f37
SSDEEP

12288:qtBYy4b2WGwp6zceQ3ku67mjjulfpWAfWkHxncU2UiH+HbJtgFU3+0w7OLCYvC:qtBYya8c52JvOnHyJouA7OWYK

Score

8^/10

Malware Config

Targets

- Target
  
  Arm_001824166751_373861779141603786019168618121690839645.msi
- Size
  
  829KB
- MD5
  
  29dd3123671e78c1c5a72f45768b80ee
- SHA1
  
  48ece59a018b836ff3f32b7f4666d9589ba5805c
- SHA256
  
  5c65169a0f859006aff88449c19d1d2b1d6ac945206c108c88d98c6cae1486c2
- SHA512
  
  44f347a5209b626a1f430c6f5f0d5214d4b4703248d957d057aadf711c0a4b88c9221c3c5a69dac9bc08cc5e534c0d15cf40dcf0cd04418daee31576900e7f37
- SSDEEP
  
  12288:qtBYy4b2WGwp6zceQ3ku67mjjulfpWAfWkHxncU2UiH+HbJtgFU3+0w7OLCYvC:qtBYya8c52JvOnHyJouA7OWYK
Score

8^/10
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2