General
Target: MSCO-Launcher-Installer (1).rar
Size: 1.9MB
Sample: 240212-wm9rkacd98
MD5: cefc74035b97b4e6826efe275bded523
SHA1: cb5db832bbcad18e150ded986f7e19ba062224f2
SHA256: 2efbf96a0e2748ee7a3c2e75a2e5a7421fd190e0c5673b913c8669d28ff7011b
SHA512: 70c83e8900e531a0a554dc07fd5957062bbdf0878113d253bdd4b537e769f09ce48ce7abb85fbcb2dd5c445a769d5983b15d304ce1914526b4924c54631efdfd
SSDEEP: 49152:Aodzd3pWOijBGy9Cqyzx0D1V2npd/zTk4R42A:/dzjRIBGy8pk242A
Static task: static1
Behavioral task: behavioral1
  Sample: MSCO Launcher Installer.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: MSCO Launcher Installer.exe
  Resource: win10v2004-20231215-en
Malware Config
Targets
Target: MSCO Launcher Installer.exe
Size: 2.5MB
MD5: 6779f7fcb9eda1f8a3c15407b4ca6e11
SHA1: 65b2563a63abc2116abd8a1e25f1efcfa8598b63
SHA256: 89181675ee248c11cc0d6c2d584aa3eef2a7a0b4b3508d8ba46a645d48a16171
SHA512: a4e80391a6850424f149db4612b85d0131eddae0b43a7436c7e811771c2018cd46e30672b4b523327f478382d08a8127366f6fb85d39979a267b1ca4a1617e14
SSDEEP: 49152:tBuZrEUSZlXS00uRMPex1YQ5tEk55DdN7POGji:7kLSZlXSjQX1YQ/Ek55lji
Score: 8/10
Downloads MZ/PE file
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Blocklisted process makes network request
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Modify Registry (2)
  Subvert Trust Controls (1)
    Install Root Certificate (1)