239b880c9b3e096f65d9f39ecde52e45b25cf6656750b63aabb9ac74ab418b39 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

8Sat91df54...24.msi

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

xmlFactura1c6e39880.zip
Size

16.2MB
Sample

240508-alk6xsba84
MD5

ef37214fd1c48f7018a7573d872ba602
SHA1

7b31237fc3f9749e2cb077a12427df0f7bb3ab4e
SHA256

239b880c9b3e096f65d9f39ecde52e45b25cf6656750b63aabb9ac74ab418b39
SHA512

5c21e880043e3ab0aec8c1f89358372b405037ea6bfb89515d36f05cf63b444f1037be6c58cfa8d15b014780a71bd8a54a30db7fcd064a80114950d62abedb04
SSDEEP

196608:8JinUdkBgF9P+2YtGh+VcSOm42imFruTWKp8wQOPuvwOJaAm8taRsT7Je+rKDeZE:8gUdLQtTcS9lPKpR4mZ+2DenZRFZT+gs

Score

7^/10

upx

Static task

static1

Behavioral task

behavioral1

Sample

8Sat91df540f15571d64647e2546ed409b94424.msi

Resource

win10v2004-20240419-en

windows10-2004-x64

17 signatures

150 seconds

Malware Config

Targets

- Target
  
  8Sat91df540f15571d64647e2546ed409b94424.msi
- Size
  
  20.2MB
- MD5
  
  cbce195ecba689b73354f23e0d95a6a5
- SHA1
  
  1f38a69e46af661cff6ba12612ba2384e1a5b484
- SHA256
  
  e7d725520d158f916491a9a191f2ec0f2d561a657cd80fac5021bc3735fd559f
- SHA512
  
  f69e52fe4cc8a43bd114f4a94232b1e2af6d0c50718b9982b38b17acb1eefab09448b0622ac46e2913277e83f35775ee89f83a71b3ff136dcb15d40e12829246
- SSDEEP
  
  393216:uVd02xNMXAGcbtBHz279TTPFPApFs3uHv:iGCz27N5ALNHv
Score

7^/10

upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy