General

  • Target

    cc8be1d525853403f6cfabcf0fc3bd0ca398ece559388102a7fc55e9f3aa9b33.zip

  • Size

    2.4MB

  • Sample

    240316-dcv7baac81

  • MD5

    473dfccda44f85d119aadefb92cd085e

  • SHA1

    03188d5ee44005b1b0e2ed62c943cd8571ab8ee2

  • SHA256

    cc8be1d525853403f6cfabcf0fc3bd0ca398ece559388102a7fc55e9f3aa9b33

  • SHA512

    3cd96c08eb705e6219fef9aa6542b073ebd09ae61ec3e4fc59b8a6fe827f59cb61c9f0dfa80f26167ed56e4a302a8609fcedab7a61a8ec8ffcf4b6ef99e00587

  • SSDEEP

    49152:r0BWueAI3xRjjOR8eiID4PPLK2hmr22EtEebAkM0xf2Eb/3bnVx:r6JeAI3xdu8UgTHQEtEe0ux+4vLf

Score
6/10

Targets

    • Target

      תוכנת תיירות.msi

    • Size

      2.6MB

    • MD5

      c381c2cb8fdd6acf1636280b9424f573

    • SHA1

      7918e2c9c6f2847078bb736968f8f21b7e70a0af

    • SHA256

      ff2ae62ba88e7068fa142bbe67d7b9398e8ae737a43cf36ace1fcf809776c909

    • SHA512

      2740b78b04d88981db065138f1962dcee5b867c5aa6216cca4a3ad2773194c5956270664875575c3a31c014f64d4135ffa762a79ebbe5cddd0696d1edb7bd119

    • SSDEEP

      49152:k51VAM5R2KAHlcp8qFmmzDza2Rqr+kMdPTEe/pjO8xn+ch/TlOFNOnUI:kPCMr2NMRmk/XeM9TEeRvx+ch/TlAr

    Score
    6/10
    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
