General

  • Target: a06db85f05d21a67a3ae251a122a75adbd9046e33f0a2982924bff23e0d5a1d2.zip
  • Size: 1.0MB
  • Sample: 240126-q8mw2afbg7
  • MD5: 8098e40e0f3f20b8ea86b2acd78c79af
  • SHA1: fef5bfa7ccdb9dddfea9ed87739c96f032ae039e
  • SHA256: d6d679b46c5fa466ff8de2846362b8ed8dd1506f4db5fceb0a020c83195f0869
  • SHA512: cb6394a67b55eae394bb7c21df2dc64f8939df812627b3d8fb9ba8412643a275c4b9e404a4e7d1f97b900e123e5f7b7790b97c53e2cb05456c599157c82c16af
  • SSDEEP: 24576:l2wLmYcHknfdlYAtJ4dSyLwiN0ooslekD7PfANagKZKRj/J0ccvraMb6r:swmLHkntadSyLbNfoEek/wNaN+0rrzbk

Score: 8/10

Malware Config

Targets

    • Target: Notesvb.msi
    • Size: 1.5MB
    • MD5: 42dd7ae8f7ace56e7032d891f78e3bb1
    • SHA1: 6020f70869cb043a7447aed55c898f6cd4eba5ca
    • SHA256: a4d2138624f8eebbbd665597b1b9e7c3817c374e0e27327cf8acf1b5c57a4b10
    • SHA512: fe799099aa596d9c710d372cfec6d17eef611801bf1135bd9f13c1311c1a8f2e6e2e426fe279d07d2747a8d941f4bde88d497de63997c5c4c71a19be4e7f65be
    • SSDEEP: 24576:lfJdydmCcUsQ0Bigw3ywNfALfT9Qw4trPoMhlBb7/nSej8AfLRBRqJPim4z5Qn4:hJdaVcUsQ0Us7LbqhlBb7/nSej8AjRBd

    Score: 8/10

    Signatures

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofencing check.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks