e118ed7180a51f5b00eab04b6172ca84c0a6e44c3253b4b74d8e2937321ee19c | Triage

Submit
Reports

Overview

overview

6

Static

static

1

SceneBuild....0.msi

windows7-x64

6

SceneBuild....0.msi

windows10-2004-x64

6

Resubmissions

24-06-2024 18:10

240624-wr2lrawand 6

Sharing

General

Target

SceneBuilder-22.0.0.msi
Size

89.0MB
Sample

240624-wr2lrawand
MD5

0271c1538a40da22cb67eebff56d9dfa
SHA1

3662a1509e9a01e74bb8cece04b47789180579e6
SHA256

e118ed7180a51f5b00eab04b6172ca84c0a6e44c3253b4b74d8e2937321ee19c
SHA512

9443f60b80f37a6d8da2afda498903d12b8e1b4857e67de500e2a5c57418e7e776fdbd5687065eb1ab83238906916f202c0a0141868fa74a427aff2bd32ab327
SSDEEP

1572864:pThpvoDXXbPEnop2oT4QOLUx/5gF1nYGivJZqTB303d9g4ztAVRkW84ldt:pT+XTWop2Clqs5gF1Yl2Tz4ztADkN0dt

Score

6^/10

persistence privilege_escalation

Static task

static1

Behavioral task

behavioral1

Sample

SceneBuilder-22.0.0.msi

Resource

win7-20240611-en

persistence privilege_escalation

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

SceneBuilder-22.0.0.msi

Resource

win10v2004-20240508-en

persistence privilege_escalation

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  SceneBuilder-22.0.0.msi
- Size
  
  89.0MB
- MD5
  
  0271c1538a40da22cb67eebff56d9dfa
- SHA1
  
  3662a1509e9a01e74bb8cece04b47789180579e6
- SHA256
  
  e118ed7180a51f5b00eab04b6172ca84c0a6e44c3253b4b74d8e2937321ee19c
- SHA512
  
  9443f60b80f37a6d8da2afda498903d12b8e1b4857e67de500e2a5c57418e7e776fdbd5687065eb1ab83238906916f202c0a0141868fa74a427aff2bd32ab327
- SSDEEP
  
  1572864:pThpvoDXXbPEnop2oT4QOLUx/5gF1nYGivJZqTB303d9g4ztAVRkW84ldt:pT+XTWop2Clqs5gF1Yl2Tz4ztADkN0dt
Score

6^/10

persistence privilege_escalation
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Installer Packages

Privilege Escalation

Event Triggered Execution

Installer Packages

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation

© 2018-2024

Terms | Privacy