8fc2dd6a8136c49eae5adb050b0d85dc3b476eea53dc3716ec5771b4469f5dfe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

check_mk_agent.msi
Size

11.5MB
Sample

230719-ldl9ssah82
MD5

4a73c31037ca2b42589a22edd5bf80f7
SHA1

f3ec31a36e40e4ec190855036827f6f3f877dc34
SHA256

8fc2dd6a8136c49eae5adb050b0d85dc3b476eea53dc3716ec5771b4469f5dfe
SHA512

508ca798062d8cd33969d6a69412a36b4a1774004b9f2450cb6465d22389f8332ab96b328a25467eea5ece6ada269aa3a2184a01d2cad60c0fa208e27fb22b8c
SSDEEP

196608:ZAjzWdL9t6zdDU/9UAYeCiVkZgaixdMN9:ZAjzcLyJD29UAYekgaixdMN

Score

8^/10

Malware Config

Targets

- Target
  
  check_mk_agent.msi
- Size
  
  11.5MB
- MD5
  
  4a73c31037ca2b42589a22edd5bf80f7
- SHA1
  
  f3ec31a36e40e4ec190855036827f6f3f877dc34
- SHA256
  
  8fc2dd6a8136c49eae5adb050b0d85dc3b476eea53dc3716ec5771b4469f5dfe
- SHA512
  
  508ca798062d8cd33969d6a69412a36b4a1774004b9f2450cb6465d22389f8332ab96b328a25467eea5ece6ada269aa3a2184a01d2cad60c0fa208e27fb22b8c
- SSDEEP
  
  196608:ZAjzWdL9t6zdDU/9UAYeCiVkZgaixdMN9:ZAjzcLyJD29UAYekgaixdMN
Score

8^/10
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2