General

  • Target

    pm14free_eng.exe

  • Size

    48.5MB

  • Sample

    240601-ysgzvade5v

  • MD5

    18dada76291eaaef7fd5da9230152cf4

  • SHA1

    78dbbb788588b1919d7e013090c2c71c11526933

  • SHA256

    e2fcffdd326685b3c08552a670492e967298230aef306faf2460ead80a35d51f

  • SHA512

    e201cdb9e055ebfe096e93c599e99a801a393a0b0020c108a3d8e30fb7aaa4591ef661a86b05f4c9fda999203fd45121db916cbbb5aea83ab909a6cd9dbe326b

  • SSDEEP

    1572864:9Y/ZIS9pZxPZR2uS3c8FsAlXqdaj94wi6:K/ZIwb8FsAlXqdf96

Score
7/10

Malware Config

Targets

    • Target

      pm14free_eng.exe

    • Size

      48.5MB

    • MD5

      18dada76291eaaef7fd5da9230152cf4

    • SHA1

      78dbbb788588b1919d7e013090c2c71c11526933

    • SHA256

      e2fcffdd326685b3c08552a670492e967298230aef306faf2460ead80a35d51f

    • SHA512

      e201cdb9e055ebfe096e93c599e99a801a393a0b0020c108a3d8e30fb7aaa4591ef661a86b05f4c9fda999203fd45121db916cbbb5aea83ab909a6cd9dbe326b

    • SSDEEP

      1572864:9Y/ZIS9pZxPZR2uS3c8FsAlXqdaj94wi6:K/ZIwb8FsAlXqdf96

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks