Overview

overview

6

Static

static

1

Dnf2024098992xml.msi

windows10-1703-x64

6

Dnf2024098992xml.msi

windows7-x64

6

Dnf2024098992xml.msi

windows10-2004-x64

6

Dnf2024098992xml.msi

windows11-21h2-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Dnf2024098992xml_42113.zip

  • Size

    18.1MB

  • Sample

    240727-hwpwvswejh

  • MD5

    9269894d2315d2a80f9f874b74e05e01

  • SHA1

    b9d9a46b73063832cfe986e93e19ca65f2710f02

  • SHA256

    cf6fe3e88580bf31a1cbecb62a22e632c622da4ba9370bd7804f8e06c12aac5e

  • SHA512

    ea80bb967bcb9449ab6a952dc149bb1ea3deec2d21c049d01eeb01eed6218a89141ee4d134fd9ccc854d454db6118ab9f8d50eecefa2657c39dc0b88411507a5

  • SSDEEP

    393216:7ViIoz0O+mF5nWicM5GMVwgUqna2PjpzMgppdZEK+wz8PPQRas0:7reGmF53z8T6Pj+gpliwzmQI

Score
6/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      Dnf2024098992xml.msi

    • Size

      18.9MB

    • MD5

      adbc9edef9f65786ff7be64b6c721446

    • SHA1

      1ff08d5235fa69d450c1b92d1308e8567b2251c9

    • SHA256

      93c737e02b4b290af46956efc8992aed68656d1e886bc9f4293300979a4e5b21

    • SHA512

      4f4c4ef0cf88ef4bd250b29b2a486aec7ec48bcbba22c68aacb2d2a858e44b026fe78dfcdf61cbe6a81d41db31cd968f64e62594b8cdbdc3f59a9c1a5ef57ed5

    • SSDEEP

      393216:aLLMsEwlmGkG7Nvy+4sbKSvGy80nqUXRN5sktd5LSSCCpsJhqNO:aveS6G7NDTwfwXRUktDACp6q

    Score
    6/10
    discoverypersistenceprivilege_escalation

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Event Triggered Execution

1
T1546

Installer Packages

1
T1546.016

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Event Triggered Execution

1
T1546

Installer Packages

1
T1546.016

Defense Evasion

Modify Registry

2
T1112

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

System Binary Proxy Execution

1
T1218

Msiexec

1
T1218.007

Credential Access

Discovery

Peripheral Device Discovery

1
T1120

Query Registry

1
T1012

System Information Discovery

1
T1082

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks