fdf7bc097870d50914639f0f9cbe09ce0084280ccd0dadfaf8b04d5fd9a7ad81 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

spacedesk_driver_Win_7_64_v0.0.1i.Legacy.HighRisk.NoRelease.msi
Size

2.6MB
Sample

230615-sbs3wsaa6v
MD5

a02c553c93b82c70eeab2a5408497be9
SHA1

3b3a0632700daddc63d518978c79a1f568d706f3
SHA256

fdf7bc097870d50914639f0f9cbe09ce0084280ccd0dadfaf8b04d5fd9a7ad81
SHA512

703c7e0e931ac2e80709a4a9487e94b6618b8d96e7229472edb3272ec45dcbf923d76975454d8c60657c1be379f811103c712f620bef4ffcc14c643b7f3e48b2
SSDEEP

49152:+hMwLkcu67D26uW7B51sbLT9p4Zsx47rtq31gOX7i:dGiGbsr4Z9uR

Score

8^/10

Malware Config

Targets

- Target
  
  spacedesk_driver_Win_7_64_v0.0.1i.Legacy.HighRisk.NoRelease.msi
- Size
  
  2.6MB
- MD5
  
  a02c553c93b82c70eeab2a5408497be9
- SHA1
  
  3b3a0632700daddc63d518978c79a1f568d706f3
- SHA256
  
  fdf7bc097870d50914639f0f9cbe09ce0084280ccd0dadfaf8b04d5fd9a7ad81
- SHA512
  
  703c7e0e931ac2e80709a4a9487e94b6618b8d96e7229472edb3272ec45dcbf923d76975454d8c60657c1be379f811103c712f620bef4ffcc14c643b7f3e48b2
- SSDEEP
  
  49152:+hMwLkcu67D26uW7B51sbLT9p4Zsx47rtq31gOX7i:dGiGbsr4Z9uR
Score

8^/10
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2