65678ac729cd0b545d14703879b601872d285c2934ae8d76452f7c2fb2c62d15 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

LibreOffice_7.6.4_Win_x86-64.msi
Size

344.9MB
Sample

240108-zssxsabcel
MD5

747ce5f0de21ce609313c32a9eee3cac
SHA1

ee8112b9eea7c8b4e6ef9e38604ad92d7976196b
SHA256

65678ac729cd0b545d14703879b601872d285c2934ae8d76452f7c2fb2c62d15
SHA512

7ee1328576e880ef9c5e7f04f464efdcb12e4e5ff39b2a20c51e0f2aa9416c54f7e701bc4234ea9c51aca8f938467a6d433aca6d532fe0dac7cc6d1b35b52e66
SSDEEP

6291456:dx8EWmJR6ljijlfKGV05RvLy/sY4Pu2G+ZVD8GFK+Nkp8ivDgMqWsdzwYUzHWSEv:d6E/zJfK00r2kP2MVD8Gqppg39zC

Score

7^/10

Malware Config

Targets

- Target
  
  LibreOffice_7.6.4_Win_x86-64.msi
- Size
  
  344.9MB
- MD5
  
  747ce5f0de21ce609313c32a9eee3cac
- SHA1
  
  ee8112b9eea7c8b4e6ef9e38604ad92d7976196b
- SHA256
  
  65678ac729cd0b545d14703879b601872d285c2934ae8d76452f7c2fb2c62d15
- SHA512
  
  7ee1328576e880ef9c5e7f04f464efdcb12e4e5ff39b2a20c51e0f2aa9416c54f7e701bc4234ea9c51aca8f938467a6d433aca6d532fe0dac7cc6d1b35b52e66
- SSDEEP
  
  6291456:dx8EWmJR6ljijlfKGV05RvLy/sY4Pu2G+ZVD8GFK+Nkp8ivDgMqWsdzwYUzHWSEv:d6E/zJfK00r2kP2MVD8Gqppg39zC
Score

7^/10
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1