General
-
Target
492bcb37fd78305898f30d19c94bc321.msi
-
Size
71.7MB
-
Sample
230903-ww2sbabd6x
-
MD5
492bcb37fd78305898f30d19c94bc321
-
SHA1
814a7eea8809676ef624eb8bbfcf27fa9c43eb6b
-
SHA256
b946b9f15ba9ecca3eab336df7b445aefb7b4bbc4392f775209440a2460dadc6
-
SHA512
331b69d4ff02ca66e310dc3de23552a25279a6f6c059ad92444736bf1ae98cad0890fa2a6f82bfedd551165a8f98825bef1598f10474d66d3cd1e3d3a2c0d60a
-
SSDEEP
1572864:XI9ruI5Ujm9gLDxSm6gwehz5DPzhJoBve+nBCzwS:XI9ruIcHMHKz5joo+BHS
Malware Config
Targets
-
-
Target
492bcb37fd78305898f30d19c94bc321.msi
-
Size
71.7MB
-
MD5
492bcb37fd78305898f30d19c94bc321
-
SHA1
814a7eea8809676ef624eb8bbfcf27fa9c43eb6b
-
SHA256
b946b9f15ba9ecca3eab336df7b445aefb7b4bbc4392f775209440a2460dadc6
-
SHA512
331b69d4ff02ca66e310dc3de23552a25279a6f6c059ad92444736bf1ae98cad0890fa2a6f82bfedd551165a8f98825bef1598f10474d66d3cd1e3d3a2c0d60a
-
SSDEEP
1572864:XI9ruI5Ujm9gLDxSm6gwehz5DPzhJoBve+nBCzwS:XI9ruIcHMHKz5joo+BHS
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Registers COM server for autorun
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1