1d7d821971921b0241399b87ad295b143fd94a6499cb48ed5c10bef5cdf52ea6 | Triage

Sharing

General

Target

b740e751adaaf65924a44bfcd17e0aaae34d667a19a8bbf50b28261c26846c24.msi.zip
Size

2.4MB
Sample

231102-2xs5fsag49
MD5

f16a2b9457ee3a65c44efd8860eb4be5
SHA1

c7a3c60bfdb5e7e6c306c175f9835b1eeb60aa81
SHA256

1d7d821971921b0241399b87ad295b143fd94a6499cb48ed5c10bef5cdf52ea6
SHA512

f704a1a3cf414913b2060e11853138a38b44651e648049ca5fe76d66e0395e12fd2de7fffb26f7d296e15b88bc1de195a7ddb779829bd5248b23702ed0021b51
SSDEEP

49152:IR9kFviOlx6L8LiTm3XpsTeMDUjdyBdocIxPWjl3KCb1QwMzNyhqQq:smhZlx6LCW4XsDUjGdQuhKChQFzN2I

Score

7^/10

Malware Config

Targets

- Target
  
  b740e751adaaf65924a44bfcd17e0aaae34d667a19a8bbf50b28261c26846c24.msi
- Size
  
  6.0MB
- MD5
  
  958a5e390546aa2145c822e6df85fdce
- SHA1
  
  d583eac50baa99e4c1a605823ab9bcd5359bce41
- SHA256
  
  b740e751adaaf65924a44bfcd17e0aaae34d667a19a8bbf50b28261c26846c24
- SHA512
  
  259a2a29ba1956e58356a519b1a611ab2b7f1935ff8fde792740b3035f8f58bd0ee8bd9f076d1653df29656105b4319e96b438df49cd4c09386dea40bc347c3f
- SSDEEP
  
  98304:Hp2KQA5vekjjAgRUoPycA4CE9h/FEjT3Ax:J2KQAheG1Q4CE7FCAx
Score

7^/10
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2