2efbf96a0e2748ee7a3c2e75a2e5a7421fd190e0c5673b913c8669d28ff7011b | Triage

Submit
Reports

Overview

overview

8

Static

static

3

MSCO Launc...er.exe

windows7-x64

8

MSCO Launc...er.exe

windows10-2004-x64

8

Sharing

General

Target

MSCO-Launcher-Installer (1).rar
Size

1.9MB
Sample

240212-wm9rkacd98
MD5

cefc74035b97b4e6826efe275bded523
SHA1

cb5db832bbcad18e150ded986f7e19ba062224f2
SHA256

2efbf96a0e2748ee7a3c2e75a2e5a7421fd190e0c5673b913c8669d28ff7011b
SHA512

70c83e8900e531a0a554dc07fd5957062bbdf0878113d253bdd4b537e769f09ce48ce7abb85fbcb2dd5c445a769d5983b15d304ce1914526b4924c54631efdfd
SSDEEP

49152:Aodzd3pWOijBGy9Cqyzx0D1V2npd/zTk4R42A:/dzjRIBGy8pk242A

Score

8^/10

discovery persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

MSCO Launcher Installer.exe

Resource

win7-20231215-en

discovery persistence

windows7-x64

19 signatures

300 seconds

Behavioral task

behavioral2

Sample

MSCO Launcher Installer.exe

Resource

win10v2004-20231215-en

discovery persistence

windows10-2004-x64

16 signatures

300 seconds

Malware Config

Targets

- Target
  
  MSCO Launcher Installer.exe
- Size
  
  2.5MB
- MD5
  
  6779f7fcb9eda1f8a3c15407b4ca6e11
- SHA1
  
  65b2563a63abc2116abd8a1e25f1efcfa8598b63
- SHA256
  
  89181675ee248c11cc0d6c2d584aa3eef2a7a0b4b3508d8ba46a645d48a16171
- SHA512
  
  a4e80391a6850424f149db4612b85d0131eddae0b43a7436c7e811771c2018cd46e30672b4b523327f478382d08a8127366f6fb85d39979a267b1ca4a1617e14
- SSDEEP
  
  49152:tBuZrEUSZlXS00uRMPex1YQ5tEk55DdN7POGji:7kLSZlXSjQX1YQ/Ek55lji
Score

8^/10

discovery persistence
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Blocklisted process makes network request
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence

© 2018-2024

Terms | Privacy