Overview

overview

7

Static

static

1

SOGO_Setup.msi

windows7-x64

7

SOGO_Setup.msi

windows10-1703-x64

7

SOGO_Setup.msi

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    SOGO_Setup.msi

  • Size

    1.6MB

  • Sample

    230901-sgnqcsff46

  • MD5

    5104f1b8819f596848081e95aefb805d

  • SHA1

    a4725ccd4f66304ff786f4e119725fda7af5c06d

  • SHA256

    a4f305f9071d9cfb54da26a8aff8e84466543f57702c2bab4cf98c7da0f0f200

  • SHA512

    384eec6e8657c357aefbd2d75764bca9486c6a385c5e26e3133bebf49adf2c9654b87cc3f72f333b8db883ed9392c2bd99f6b10e35469fd7dd69f9abea7ae956

  • SSDEEP

    24576:MvuxxFNbTL93VW++r4E5q8g73R31H4ZeJ5MiIljvawm0FoTy:MmTRk+q4E5q8g735l4O5JIm0CW

Score
7/10

Malware Config

Targets

    • Target

      SOGO_Setup.msi

    • Size

      1.6MB

    • MD5

      5104f1b8819f596848081e95aefb805d

    • SHA1

      a4725ccd4f66304ff786f4e119725fda7af5c06d

    • SHA256

      a4f305f9071d9cfb54da26a8aff8e84466543f57702c2bab4cf98c7da0f0f200

    • SHA512

      384eec6e8657c357aefbd2d75764bca9486c6a385c5e26e3133bebf49adf2c9654b87cc3f72f333b8db883ed9392c2bd99f6b10e35469fd7dd69f9abea7ae956

    • SSDEEP

      24576:MvuxxFNbTL93VW++r4E5q8g73R31H4ZeJ5MiIljvawm0FoTy:MmTRk+q4E5q8g735l4O5JIm0CW

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2behavioral3

MITRE ATT&CK Enterprise v15

Tasks