General

  • Target

    liquidlauncher_0.2.1_x64_en-US.msi

  • Size

    6.9MB

  • Sample

    240223-rpkg8sbh6y

  • MD5

    b9573678043dc712bf7f7510da7e0cd8

  • SHA1

    c67e9fbfb9d4c11160309dca7f9582719ded7065

  • SHA256

    1cbb5a6c9af91d14e81359b43825ac8c5cd16112421fbf550b5f752991042942

  • SHA512

    238b7aa564651c4706705b2c969a07fc6a34360f606c3225d1a867c5a225665562a345e92d3b9016a4da364d47210aea47a8800cecc416a6f77c13d8f646acf1

  • SSDEEP

    196608:XcQlpq6HQ4IXRBPT68xVq9YRG9UYvkJYcm:M6XqRZG8vq9YE8m

Targets

    • Target

      liquidlauncher_0.2.1_x64_en-US.msi

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Sets file execution options in registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
