General

  • Target

    8.3.0_AdbeRdr830_en_US.msi

  • Size

    33.8MB

  • Sample

    240428-vk4xvscd79

  • MD5

    76e0f38f830ab74d76390c7d88a69c81

  • SHA1

    2e5aa34947ec971fdfd9d65eae03ec106a995189

  • SHA256

    c790688ef44768de819049d4cad1da5a56adb14c739e6077f8c7ecd927094578

  • SHA512

    498c010b5d58251d45494ed9bd57ce8e2e7f6e511a1a5df54e92aa9d9c82d63bf9611075d030826fcf7566401d9b289e86b90322a078f254598c9d17c0d7ddd6

  • SSDEEP

    786432:k059avjairvEBUhjqTU/dLGoADoBMfVyVzreX:HGjairMBUpkUlnADUeVMz

Targets

    • Target

      8.3.0_AdbeRdr830_en_US.msi

    • Adds Run key to start application

    • Blocklisted process makes network request

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory
