c06862ff3b496a02e78e4b9fa8a928f7a8e4f86eed7f1d4de020267c552ccc9e | Triage

Submit
Reports

Overview

overview

8

Static

static

1

c06862ff3b...9e.msi

windows7-x64

8

c06862ff3b...9e.msi

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

c06862ff3b496a02e78e4b9fa8a928f7a8e4f86eed7f1d4de020267c552ccc9e.msi
Size

16.9MB
Sample

240721-ljyvsaxgmh
MD5

93a83f04408a41d8a6b342374639d2d7
SHA1

be2b002da0734e65e0561cdd2f284a1da223945e
SHA256

c06862ff3b496a02e78e4b9fa8a928f7a8e4f86eed7f1d4de020267c552ccc9e
SHA512

7552a43e01459bbc8f703a4c060b20e8b3e88becb7fdee2b35c3b28b505d0f000da18c9dac5f81a8eca99dc345c2c36e482eb10ae1e40fa909686e9457b8c821
SSDEEP

393216:4eFhl8agAfX0GTI4Xvq/uNe+yqzynb2OibdJrKtw9I1:4eFz8ag4014S/uPxzsibL2w9

Score

8^/10

execution persistence privilege_escalation

Static task

static1

Behavioral task

behavioral1

Sample

c06862ff3b496a02e78e4b9fa8a928f7a8e4f86eed7f1d4de020267c552ccc9e.msi

Resource

win7-20240704-en

execution persistence privilege_escalation

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

c06862ff3b496a02e78e4b9fa8a928f7a8e4f86eed7f1d4de020267c552ccc9e.msi

Resource

win10v2004-20240709-en

execution persistence privilege_escalation

windows10-2004-x64

17 signatures

150 seconds

Malware Config

Targets

- Target
  
  c06862ff3b496a02e78e4b9fa8a928f7a8e4f86eed7f1d4de020267c552ccc9e.msi
- Size
  
  16.9MB
- MD5
  
  93a83f04408a41d8a6b342374639d2d7
- SHA1
  
  be2b002da0734e65e0561cdd2f284a1da223945e
- SHA256
  
  c06862ff3b496a02e78e4b9fa8a928f7a8e4f86eed7f1d4de020267c552ccc9e
- SHA512
  
  7552a43e01459bbc8f703a4c060b20e8b3e88becb7fdee2b35c3b28b505d0f000da18c9dac5f81a8eca99dc345c2c36e482eb10ae1e40fa909686e9457b8c821
- SSDEEP
  
  393216:4eFhl8agAfX0GTI4Xvq/uNe+yqzynb2OibdJrKtw9I1:4eFz8ag4014S/uPxzsibL2w9
Score

8^/10

execution persistence privilege_escalation
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Event Triggered Execution

Installer Packages

Privilege Escalation

Event Triggered Execution

Installer Packages

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistenceprivilege_escalation

behavioral2

executionpersistenceprivilege_escalation

© 2018-2025

Terms | Privacy