General

  • Target

    MSNSUSII.exe

  • Size

    9.3MB

  • Sample

    240223-bhds4shf94

  • MD5

    8623bab1f3b3464cb8af16e9deeb981d

  • SHA1

    94e0c084065cfbd161db0035dca0ecf4f9f0f523

  • SHA256

    888f312540912917d972b226084b34feb292adfc70c28f09ced9ac9add0e70df

  • SHA512

    8081d79e96bc1c0fd819879d031d8b5fd12bf7aee975cffd4ed47bdee0510dd32c6b5e506d4a526d4775d8c880b89cc0333c29098930bb94eb1e317c470c2356

  • SSDEEP

    196608:Pzpg/ro7pu275pizC/QKfC/LoyIbeo6F/rzP8/46R41O/7QSforeaS:Pzpg/rkpn9pizxKcLJoo/oR41YvaS

Targets

    • Target

      MSNSUSII.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
