General

  • Target

    setup.msi

  • Size

    44.1MB

  • Sample

    240618-tcahlsvapj

  • MD5

    2f23ee684c2ba16f84c2872b47eb3e57

  • SHA1

    f6ca4e3426f98884589df1f3446802850cfbce7d

  • SHA256

    a31a7656d56595fc513925587b63334bbd9b7fd3aa45da5f95857ca168a3f00d

  • SHA512

    3b52929d8d12ad08f670fdebb04a7f159b5c46b0c7419ce347cf01f02ff6fa26d5bb788c544f678fb403181d010f2de0c1f9491b10f04b538ca81d6d3778c0d3

  • SSDEEP

    786432:VFhOxj5Hc4F3DEbN7d7M2MBX2YS2Z/xdVrHpHUY+uk1gObyepHNpOG5R:Veh5xg7KX92YS2ZtBZ6xNkG5

Targets

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix (ATT&CK v13)

  Tactic                Technique                      Count  ID
  Persistence           Event Triggered Execution      1      T1546
  Persistence           Installer Packages             1      T1546.016
  Privilege Escalation  Event Triggered Execution      1      T1546
  Privilege Escalation  Installer Packages             1      T1546.016
  Discovery             Query Registry                 1      T1012
  Discovery             Peripheral Device Discovery    1      T1120
  Discovery             System Information Discovery   1      T1082
