General

  • Target

    liquidlauncher_0.2.1_x64_en-US.msi

  • Size

    6.9MB

  • Sample

    240224-pph83abf37

  • MD5

    93394562e845b91d2795b2c18fe4c451

  • SHA1

    62f10d528e54a6e33e35ef0657a452e73bca036f

  • SHA256

    e3b541059a8d1ddc386fd2a31934148de3574ba80247df751d33c6d8a167b215

  • SHA512

    5fae28e482ea37c4629fbf63dc7698180c19e5d7b66853f7fae63c253e68404eb92af3fa8b02c57c9d15f41443e00ad10edd52c550ee3e8d2f82c3f50eb2b50b

  • SSDEEP

    196608:XcQlpq6HQ4IXRBPT68xVq9YRG9UYvkJYcO:M6XqRZG8vq9YE8O

Targets

    • Target

      liquidlauncher_0.2.1_x64_en-US.msi

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Sets file execution options in registry

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
