6f8e093a7fdcaaba48a06b03bb263ef760ef7ca7ffc3312e27480373f91822b4 | Triage

Sharing

General

Target

OpenVPN254I603amd64msi.msi
Size

4.2MB
Sample

230704-w2x2bahg5z
MD5

a3ca10a71263645df2bb906cbedb3929
SHA1

38e0a4d778e942e0a65fa46da3ccc0e1691bc9ea
SHA256

6f8e093a7fdcaaba48a06b03bb263ef760ef7ca7ffc3312e27480373f91822b4
SHA512

5df382c97555410c435c5931865d55609a11a11bc9728ef0062b9dc0db2871f6115445799612ae07f9bd7bf37a88d5e5bc68c66890a85b82bcbd34e89ea8f194
SSDEEP

98304:SRZhtak954vdGNvOV9fE6Haf731Lqv38yNyOtu:AhX9qvdGNKH8wv3XQO

Score

8^/10

Malware Config

Targets

- Target
  
  OpenVPN254I603amd64msi.msi
- Size
  
  4.2MB
- MD5
  
  a3ca10a71263645df2bb906cbedb3929
- SHA1
  
  38e0a4d778e942e0a65fa46da3ccc0e1691bc9ea
- SHA256
  
  6f8e093a7fdcaaba48a06b03bb263ef760ef7ca7ffc3312e27480373f91822b4
- SHA512
  
  5df382c97555410c435c5931865d55609a11a11bc9728ef0062b9dc0db2871f6115445799612ae07f9bd7bf37a88d5e5bc68c66890a85b82bcbd34e89ea8f194
- SSDEEP
  
  98304:SRZhtak954vdGNvOV9fE6Haf731Lqv38yNyOtu:AhX9qvdGNKH8wv3XQO
Score

8^/10
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2