f20784e53cc9797f628ea1bd53145f08132afffeb194022ea0f78a4045a44d77 | Triage

Sharing

General

Target

splashtop.msi
Size

41.7MB
Sample

230604-s318ksce99
MD5

1297d797b1f0ca65ead2d2653a1d2177
SHA1

8df3fae38c70e5eb9ee57fa0a37942e59e71b2b9
SHA256

f20784e53cc9797f628ea1bd53145f08132afffeb194022ea0f78a4045a44d77
SHA512

41546698d3c8fb0ebe30dfc0bab41b4a4b900c97aaa37ece0e8296c397c96dfe3cf7843e08812a13707f7314e5474610e241183a85ccffa1a262b5ae1eafd1e9
SSDEEP

786432:3K5O/ON8MwQvkeNNF0qUoPBnbyFVXDpdOaHPtNKW1So3AlJ3n99:a5OWGMRNUoPBbyrnD/Yjltn99

Score

8^/10

Malware Config

Targets

- Target
  
  splashtop.msi
- Size
  
  41.7MB
- MD5
  
  1297d797b1f0ca65ead2d2653a1d2177
- SHA1
  
  8df3fae38c70e5eb9ee57fa0a37942e59e71b2b9
- SHA256
  
  f20784e53cc9797f628ea1bd53145f08132afffeb194022ea0f78a4045a44d77
- SHA512
  
  41546698d3c8fb0ebe30dfc0bab41b4a4b900c97aaa37ece0e8296c397c96dfe3cf7843e08812a13707f7314e5474610e241183a85ccffa1a262b5ae1eafd1e9
- SSDEEP
  
  786432:3K5O/ON8MwQvkeNNF0qUoPBnbyFVXDpdOaHPtNKW1So3AlJ3n99:a5OWGMRNUoPBbyrnD/Yjltn99
Score

8^/10
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2