Overview

overview

8

Static

static

1

Contract-6.msi

windows7-x64

7

Contract-6.msi

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Contract-6.msi

  • Size

    660KB

  • Sample

    231009-psb9xseh74

  • MD5

    7a3daf79bfc9ae2744d3a80b9bb2428d

  • SHA1

    4c7a632560bb9395ddbd12bdfe9040ec13c5aebd

  • SHA256

    2c93c63e41f639a3a5c3d0c3dc292ebc7c7e80c27accb441408823dd119837f9

  • SHA512

    59643335a7be2922f2c11b9e4b5bcb683e7352a4dd6826f1918b1642d7b2fc8062170c5d09684ae243e924c4b666471b336effdf4eedb812843017de81e5a146

  • SSDEEP

    12288:ftvRQ+gjpjegGdo8NgLKxBTi9byLw2wHvHgU3qfrbDW:ftncpVGPNgtyLHw33qjbD

Score
8/10
discovery

Malware Config

Targets

    • Target

      Contract-6.msi

    • Size

      660KB

    • MD5

      7a3daf79bfc9ae2744d3a80b9bb2428d

    • SHA1

      4c7a632560bb9395ddbd12bdfe9040ec13c5aebd

    • SHA256

      2c93c63e41f639a3a5c3d0c3dc292ebc7c7e80c27accb441408823dd119837f9

    • SHA512

      59643335a7be2922f2c11b9e4b5bcb683e7352a4dd6826f1918b1642d7b2fc8062170c5d09684ae243e924c4b666471b336effdf4eedb812843017de81e5a146

    • SSDEEP

      12288:ftvRQ+gjpjegGdo8NgLKxBTi9byLw2wHvHgU3qfrbDW:ftncpVGPNgtyLHw33qjbD

    Score
    8/10
    discovery

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

      discovery

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks