e3ea20d5cf0a996e73e23e9736b5819c4118b9fc83e46de65e3e946c98ba5850 | Triage

Sharing

General

Target

e3ea20d5cf0a996e73e23e9736b5819c4118b9fc83e46de65e3e946c98ba5850.msi
Size

23.8MB
Sample

240719-jm45vszdjj
MD5

a9da8f5742f7373afe86dd07d351d5b7
SHA1

9d98740d5486a9c77cdff37013808e7f1fd17f5b
SHA256

e3ea20d5cf0a996e73e23e9736b5819c4118b9fc83e46de65e3e946c98ba5850
SHA512

7128a76036ed54796a6ef85d84415ca466bb44c7494255f389e4ec64c34ddf85b294412148abc649d231c5eb367de74926751d108e3b4c582f4578ceb7ef362f
SSDEEP

393216:JjIMrNA+wjq8VKsw8efMKlLUwPUnr/rlXwqiDPgJugSAFEbfHIdq0TgakK+iXuyP:BIMrNNwW5s3KdUwPUnr/rSqHJ5Wvgq0d

Score

6^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  e3ea20d5cf0a996e73e23e9736b5819c4118b9fc83e46de65e3e946c98ba5850.msi
- Size
  
  23.8MB
- MD5
  
  a9da8f5742f7373afe86dd07d351d5b7
- SHA1
  
  9d98740d5486a9c77cdff37013808e7f1fd17f5b
- SHA256
  
  e3ea20d5cf0a996e73e23e9736b5819c4118b9fc83e46de65e3e946c98ba5850
- SHA512
  
  7128a76036ed54796a6ef85d84415ca466bb44c7494255f389e4ec64c34ddf85b294412148abc649d231c5eb367de74926751d108e3b4c582f4578ceb7ef362f
- SSDEEP
  
  393216:JjIMrNA+wjq8VKsw8efMKlLUwPUnr/rlXwqiDPgJugSAFEbfHIdq0TgakK+iXuyP:BIMrNNwW5s3KdUwPUnr/rSqHJ5Wvgq0d
Score

6^/10

persistence privilege_escalation
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Installer Packages

Privilege Escalation

Event Triggered Execution

Installer Packages

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation