General

  • Target

    Arch0465723801.msi

  • Size

    37.2MB

  • Sample

    240701-j1z33atgjk

  • MD5

    4b8effee7cd036ae012aa8217d923a94

  • SHA1

    65b7b7a8478b745248b35324b1d01836d041d710

  • SHA256

    c98ae9d2a0cdacdc66c2eec7c768f61870a4cc958264ff2a5cb2fd34fcf3e4af

  • SHA512

    bc61ca873f9e8bf358df3ed2f286f2b35fb4502a29de942935d92d1fb618fe0e4726a1b5e123d4782adf96df00d30cb65c962af76918feb478b66262c8332fa5

  • SSDEEP

    786432:L8XkV8Tpj4LjhBwRV4gfBNUlM2mNSd7y/ASelgYuxI03zK/k6V:L18T8wRV4g5al2AeREizK/x

Malware Config

Targets

    • Drops startup file

    • Adds Run key to start application

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks