2581ed77845f71b7cda4c654f1070f8cec13da3bc2d2f192210e56eb51870df5 | Triage

Resubmissions

09-07-2023 07:21

230709-h6w3xsbh51 8

09-07-2023 07:16

230709-h3wmzsba99 8

Sharing

General

Target

EpicInstaller-15.7.0-15100e290b5740ddbc8714d115447ef8.msi
Size

176.5MB
Sample

230709-h3wmzsba99
MD5

a7e249733f679010dc0bb3a32175fbaf
SHA1

055882b09332740127876ccb07482771bb792ea3
SHA256

2581ed77845f71b7cda4c654f1070f8cec13da3bc2d2f192210e56eb51870df5
SHA512

3206f0d3d24f7b6c7b9de1b79fc157bd46bd0f7f0c03503c6e8a9e75cfc6a772197af1b8b15d675f90ca90c5112b448b0e570fcda1bfdcf8ed08443dc9a34dcf
SSDEEP

3145728:3yxUHkcztVb5XwmRdwAM+CPeVI0Q+ccusnJEwL7HOFWNj1CeDx1tE5QSQyHLUbLY:jkEKs9M+dVH17ijFW/CDQ2KL

Score

8^/10

Malware Config

Targets

- Target
  
  EpicInstaller-15.7.0-15100e290b5740ddbc8714d115447ef8.msi
- Size
  
  176.5MB
- MD5
  
  a7e249733f679010dc0bb3a32175fbaf
- SHA1
  
  055882b09332740127876ccb07482771bb792ea3
- SHA256
  
  2581ed77845f71b7cda4c654f1070f8cec13da3bc2d2f192210e56eb51870df5
- SHA512
  
  3206f0d3d24f7b6c7b9de1b79fc157bd46bd0f7f0c03503c6e8a9e75cfc6a772197af1b8b15d675f90ca90c5112b448b0e570fcda1bfdcf8ed08443dc9a34dcf
- SSDEEP
  
  3145728:3yxUHkcztVb5XwmRdwAM+CPeVI0Q+ccusnJEwL7HOFWNj1CeDx1tE5QSQyHLUbLY:jkEKs9M+dVH17ijFW/CDQ2KL
Score

8^/10
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2