General

  • Target

    5978505300621 .zip

  • Size

    19.6MB

  • Sample

    230825-y7hjxsef32

  • MD5

    cd2afe1e3cfebfc77c873f301e32513a

  • SHA1

    2d6bff1c1dfc880043d0fc9918440bce7f4d24d7

  • SHA256

    380fb7172470c174a19c2c7b50e65773e9d0c437e2928b4e7074cfc97da0435c

  • SHA512

    6b0a17d349c00ff0055d824f7e160001a08a5bc494fc4cc394d9766f8a36ca114436b88c4c2deeb770808d2e7f24c53648f1d0ff59f575878af4b1bfc5a7359f

  • SSDEEP

    393216:u+fs/4r+Tcv/uI2oCO3z6VXGmQ8twNUOAfbw1BdtjWzuEn6lqSshU8:j60/8xO3z6VXGmrvfbEzZ7v8

Score
7/10

Malware Config

Targets

    • Target

      73408798672924.msi

    • Size

      20.3MB

    • MD5

      509f5b97a2dd3ad2ca5e904be5d9172a

    • SHA1

      4476554a0a98a0b0d3683cbee111372c5e3940a2

    • SHA256

      69babb5b308fefb3ccb5e477f5546c78a238b5b615ea81011be4e67eb08e5486

    • SHA512

      1f57bfbd1044c0c9df6e16ab80dda5b33b3b1c61ea8a9819c59e5110b299ed6465d90c69951e1500b5c108c86a919d0c63c3c86e1d95bc952004e5f663d27b1a

    • SSDEEP

      393216:TsqYN+rthKgyaQWJz09VOMms/Sds4CHREZtvLXa/KKJGJicA7:TGw5hIjWJz09VOM5XHR8t/hY

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15