4d3389df700ae80e56bd7bf5d17a4d8d5b53330ffdc85f1435b646c251b11551 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c683a82dc2e6a748a246c72f60b6ad32.msi
Size

28.2MB
Sample

230719-xel6zabb9x
MD5

c683a82dc2e6a748a246c72f60b6ad32
SHA1

cdd94820f9a41f8f7a9c60ed12439d48a585df0a
SHA256

4d3389df700ae80e56bd7bf5d17a4d8d5b53330ffdc85f1435b646c251b11551
SHA512

ea224b4d71735bf112273b217d82b4c55709e7a8f737ce11f1984e10f0889309aa91f71bc2b7d3b05d3c1f33e7262b787b5f4803ce178422dafaf56056a1124f
SSDEEP

393216:BySSQEPrmzSMzriXP7kgpk6KIHa8Gpm1z99lDSa7ec:BFSfrmk7kpB6SWz99Ia

Score

8^/10

Malware Config

Targets

- Target
  
  c683a82dc2e6a748a246c72f60b6ad32.msi
- Size
  
  28.2MB
- MD5
  
  c683a82dc2e6a748a246c72f60b6ad32
- SHA1
  
  cdd94820f9a41f8f7a9c60ed12439d48a585df0a
- SHA256
  
  4d3389df700ae80e56bd7bf5d17a4d8d5b53330ffdc85f1435b646c251b11551
- SHA512
  
  ea224b4d71735bf112273b217d82b4c55709e7a8f737ce11f1984e10f0889309aa91f71bc2b7d3b05d3c1f33e7262b787b5f4803ce178422dafaf56056a1124f
- SSDEEP
  
  393216:BySSQEPrmzSMzriXP7kgpk6KIHa8Gpm1z99lDSa7ec:BFSfrmk7kpB6SWz99Ia
Score

8^/10
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2