Overview

overview

8

Static

static

1

6cf76898fb...3a.msi

windows7-x64

6cf76898fb...3a.msi

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7e558920c8567f9fce24004d13de33ae.bin

  • Size

    250KB

  • Sample

    230721-bxad8sbe96

  • MD5

    e4fc8c305349584c52881d4fda9b1ef3

  • SHA1

    d83ff39515b2ba98a14a804ba15ae95cc08f717c

  • SHA256

    35ed98e2c354e1bad8aaae08455402c2d3d3bfde90f935e77d5a161e83a7d3f6

  • SHA512

    3f05d60df78874ea99c1412a5e09d5a5663164423a59834cbfc5515b366307fe0e0140ddb20603ff27ff53b50f3cc4b514d3a766dbf00b895262ebd557e486f6

  • SSDEEP

    6144:odcdC/4ei9uiC2j4glaTmwmwiLQHtuoozQRjX3HJhaW4Dn:L7eiP1jdgTsHzQRd1En

Score
8/10
persistence

Malware Config

Targets

    • Target

      6cf76898fb3ff5726449f6a47748e2cb4559cae3d7e34a0d6d5d169ffdab483a.msi

    • Size

      570KB

    • MD5

      7e558920c8567f9fce24004d13de33ae

    • SHA1

      3e5720e4804d6c88b618692027aed9fd585f1b55

    • SHA256

      6cf76898fb3ff5726449f6a47748e2cb4559cae3d7e34a0d6d5d169ffdab483a

    • SHA512

      444f737bfe0ed0d0240b3b5794443cf97061789750937f9fa82d30a8f711af7207be55402f6ecac1dcaca92a0eaf521ff1c4ae04925e816b13bf0d0bd90351c8

    • SSDEEP

      6144:pvKdXY5AUC8rDow+ZsrLg3bmfKlGzIqSqYf+SAOfVKE/M5TiyX1pjhZW:pvKlY5AIowv43bqKlRHJVa9iyX1pjh

    Score
    8/10
    persistence

    • Blocklisted process makes network request

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks