Resubmissions

18-04-2024 14:37

240418-ry56asha3y 6

15-04-2024 16:43

240415-t8a41sdd3t 6

General

  • Target

    sharepoint.msi

  • Size

    1.6MB

  • Sample

    240415-t8a41sdd3t

  • MD5

    8894b952d2c41177d2c14c64695bdce9

  • SHA1

    e70e0056f72dbfe7a3fcadc2d80fe843c5c73681

  • SHA256

    90f1511223698f33a086337a6875db3b5d6fbcce06f3195cdd6a8efa90091750

  • SHA512

    ae5152ce094df963b15fe88bc6bae525ff43cbe9f290af083620fb17e40ca6ca1cf54104922c4b5bd537258356a06660769a87b123b04b942f1fd485280222fd

  • SSDEEP

    49152:PS8vYpW8zBQSc0ZnSKeZKumZr7AIq4SM/uWW:HYQ0ZncK/ACL

Score
6/10

Targets

    • Target

      sharepoint.msi

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
