e54675fdcd9d66f78f122b7dd4b61f2acd77951dcdd32914af8ace2ff71fd18c | Triage

Sharing

General

Target

Retrac_Launcher_1.0.9_x64_en-US.msi
Size

6.6MB
Sample

240723-l28spszepg
MD5

79a3ef34fb61355df68b7931c56f08f5
SHA1

f945151e501116aa5d2fbe3698cd55ff9b766691
SHA256

e54675fdcd9d66f78f122b7dd4b61f2acd77951dcdd32914af8ace2ff71fd18c
SHA512

72c0e71202b50874a6200953e20adcd4b5b0299921172ab1185565fe57490b0073789e1528ebf1de5a7f2922b49b21a2c360f5aaaa455596f2f4fecfbad52f57
SSDEEP

196608:llBaVrNSXtyiN2gU3HS5oWQWnXl2m/YXGz:4db32jBnV2m/z

Score

8^/10

execution persistence privilege_escalation

Malware Config

Targets

- Target
  
  Retrac_Launcher_1.0.9_x64_en-US.msi
- Size
  
  6.6MB
- MD5
  
  79a3ef34fb61355df68b7931c56f08f5
- SHA1
  
  f945151e501116aa5d2fbe3698cd55ff9b766691
- SHA256
  
  e54675fdcd9d66f78f122b7dd4b61f2acd77951dcdd32914af8ace2ff71fd18c
- SHA512
  
  72c0e71202b50874a6200953e20adcd4b5b0299921172ab1185565fe57490b0073789e1528ebf1de5a7f2922b49b21a2c360f5aaaa455596f2f4fecfbad52f57
- SSDEEP
  
  196608:llBaVrNSXtyiN2gU3HS5oWQWnXl2m/YXGz:4db32jBnV2m/z
Score

8^/10

execution persistence privilege_escalation
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Event Triggered Execution

Installer Packages

Privilege Escalation

Event Triggered Execution

Installer Packages

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation