General

  • Target

    1.zip

  • Size

    8.5MB

  • Sample

    240329-xd9kwafg72

  • MD5

    c46bc04902532403e231d0d95cc079a5

  • SHA1

    66f11dc3f05e3731214dff39362288d3e3231a41

  • SHA256

    acdadef9a63e4bfda20bc8f6d37c34726ce0d266d5324ae44dd26127326748b1

  • SHA512

    ab8ee53b99cc481d65fa8d1125ba15d0c83eed5abaf136c26e5152c5b127c0ad3057254aeca82cc53d74c19f638d4b751f4bb65ec2396802e41503943401d70e

  • SSDEEP

    196608:2rPyugP09EgPLnErUlFS4h9YL8TNFnpqGXR+7t4q:QTigPAUMqq

Score
8/10

Targets

    • Target

      1.msi

    • Size

      8.9MB

    • MD5

      8d35f3ca2e59b85c8c8caed123a4f6cd

    • SHA1

      54ee7e40bab670bc2fdc5dbd7787d705d643b0f9

    • SHA256

      8ef318fa5dba85344f79f7e4a7b022d09d99bbd36d5e8aa5353018c867e85b2c

    • SHA512

      192ed0a8536356af37d2ec9e9597bef3befa3d0911bea214702ed1dd761b761bc54204a409618ce4e51fbbaf256f97f73fbbc139e729a64412db930413a8d025

    • SSDEEP

      98304:WOPvLtabi4X0MV+dYdcGt7VIb4JOPvLtabi4X0MV+dYdOOPvLtabi4X0MV+dYd+X:Wws3V+arws3V+xws3V+dws3V+6ws3V+

    Score
    8/10

    • Sets service image path in registry

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
