General

  • Target

    28b23f944ea8d1cc47e7d24e84ef5726481e070a0a42d6eb903316b1f15aa403.msi

  • Size

    5.0MB

  • Sample

    240618-s97c6szerc

  • MD5

    5754830eb5984d79180f34ff73ed6e46

  • SHA1

    90d188fce3cf6fa91ec497663c0df24da5a7a278

  • SHA256

    28b23f944ea8d1cc47e7d24e84ef5726481e070a0a42d6eb903316b1f15aa403

  • SHA512

    7962766c21d0bd16833fa47984a167cb87db0671a7ed2214c0e3d30caceced9a5114e6f70ac20543b7d11710198ef79c39bf688c16f52d8c85f48be63d574ab4

  • SSDEEP

    49152:tQEc/f9r84jEHYDgA5+7vCycFTznm9500zjjZT9eFOsmBBU7FFUG0yzAaeTG8qds:9VHYDgFuyclbrPcGJsEa2uDmxhffUme

Malware Config

Targets

    • Target

      28b23f944ea8d1cc47e7d24e84ef5726481e070a0a42d6eb903316b1f15aa403.msi

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix (ATT&CK v13)

Persistence

  • Event Triggered Execution (T1546): 1

  • Installer Packages (T1546.016): 1

Privilege Escalation

  • Event Triggered Execution (T1546): 1

  • Installer Packages (T1546.016): 1

Discovery

  • Query Registry (T1012): 1

  • Peripheral Device Discovery (T1120): 1

  • System Information Discovery (T1082): 1

Tasks