940aa477eb9ea34ef1547443577e50ceeb300cd254f70ca992a0c5d3f606a02f | Triage

Sharing

General

Target

spacedesk_driver_Win_10_64_v1067_BETA.msi
Size

4.7MB
Sample

230605-rftdsaha38
MD5

e1303b812a2fd1ba4152cd3adcaea968
SHA1

e711973990b98ee6c4c49363a10049435387b7ff
SHA256

940aa477eb9ea34ef1547443577e50ceeb300cd254f70ca992a0c5d3f606a02f
SHA512

b4e908e123ca203f6aff6c9a684b43c53d09524042da362a776f970e73a51f8a738d3c4e64d292622bafc3f07079d959f44a05511aacbdf2d4a792a29eb3d4d6
SSDEEP

98304:vOrg7AyiVXlxVAX5jJmIecGj2QG6ZiMDfh:vOrs3ifAXPG6QjZiM

Score

8^/10

Malware Config

Targets

- Target
  
  spacedesk_driver_Win_10_64_v1067_BETA.msi
- Size
  
  4.7MB
- MD5
  
  e1303b812a2fd1ba4152cd3adcaea968
- SHA1
  
  e711973990b98ee6c4c49363a10049435387b7ff
- SHA256
  
  940aa477eb9ea34ef1547443577e50ceeb300cd254f70ca992a0c5d3f606a02f
- SHA512
  
  b4e908e123ca203f6aff6c9a684b43c53d09524042da362a776f970e73a51f8a738d3c4e64d292622bafc3f07079d959f44a05511aacbdf2d4a792a29eb3d4d6
- SSDEEP
  
  98304:vOrg7AyiVXlxVAX5jJmIecGj2QG6ZiMDfh:vOrs3ifAXPG6QjZiM
Score

8^/10
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2