General

  • Target

    Unknown.msi

  • Size

    2.9MB

  • Sample

    240725-rt355swgnc

  • MD5

    84578df66ac6b2731ceb2112a4e6a79f

  • SHA1

    95fc990c51961cb1ea1aafc8db4118adeb2af00c

  • SHA256

    acc1736985b1b495f002f35cd3bed27946b38fcfa3f413bb025a3787efcfcb52

  • SHA512

    c23869b8be2dda5da930fc84cc8bc858292137a06938710b2c3f88149418d7e929b0b43567fedbb6ca56ffa7feadd4bfef8e9d5c984b78ef58bd1c420e86944d

  • SSDEEP

    49152:7Qfpc/f9r84jEHYDgE5e7vJP5Ferq7I5RJK5k1QcB6jWH5XzatCJkH105fASGdvM:CVHYDgptxFejIC2H1

Malware Config

Targets

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks