e11f22d22e2e938822c39b88ee04af814b2fb53b70acb00a0bd1bcb2c3f36b1c | Triage

Sharing

General

Target

wireguard-arm64-0.5.3.msi
Size

2.5MB
Sample

240111-pyc4eagfh4
MD5

7b90cffc47c14ab9a6e17bb3bbc61c8f
SHA1

5f0c3587c90cf613f9b28fecbe7a0dcb7309109c
SHA256

e11f22d22e2e938822c39b88ee04af814b2fb53b70acb00a0bd1bcb2c3f36b1c
SHA512

8d66198cd9bb7085f0440a1a2ed03b43db7f4817a670c0ddba9dac00bb46431bd507a4ea6577155968ce359514b7c45b34bf4250e7d94644db4060efa6a2e64d
SSDEEP

49152:qhEXHZA4Qh8qe8gT5Nt/i7MMYQJUFwRDlMT3HXo8A+8nRgbo:O4QKx5Nt/i3RBMTY8A+UCbo

Score

6^/10

Malware Config

Targets

- Target
  
  wireguard-arm64-0.5.3.msi
- Size
  
  2.5MB
- MD5
  
  7b90cffc47c14ab9a6e17bb3bbc61c8f
- SHA1
  
  5f0c3587c90cf613f9b28fecbe7a0dcb7309109c
- SHA256
  
  e11f22d22e2e938822c39b88ee04af814b2fb53b70acb00a0bd1bcb2c3f36b1c
- SHA512
  
  8d66198cd9bb7085f0440a1a2ed03b43db7f4817a670c0ddba9dac00bb46431bd507a4ea6577155968ce359514b7c45b34bf4250e7d94644db4060efa6a2e64d
- SSDEEP
  
  49152:qhEXHZA4Qh8qe8gT5Nt/i7MMYQJUFwRDlMT3HXo8A+8nRgbo:O4QKx5Nt/i3RBMTY8A+UCbo
Score

6^/10
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2