General

  • Target

    92056e7b19a7f59ea53482f7d5d6f1a4d9320d71d2422f906c6fcf46b85f6fcd.msi

  • Size

    9.2MB

  • Sample

    240728-bvc3catbne

  • MD5

    5745d7cc8d45b0a4f2a453462312cdcf

  • SHA1

    0fef4497555f949022e8f71dd649f425bbfc331b

  • SHA256

    92056e7b19a7f59ea53482f7d5d6f1a4d9320d71d2422f906c6fcf46b85f6fcd

  • SHA512

    15a297d25e53146cc2404d8700552d377e2514aa98a63d8b124795f697a54da937b7de7ecbd9c2bb112b0d8fdd46b991178c8cb632219d3b3623707ccc492489

  • SSDEEP

    49152:rqYOtB7WHgVI0g6Tbrz5io+HGGWxyzPlrXVVdWpA11V7RWypBqZdQwOh+yH/mUl+:rqYe7W9GGWQlGAdydQwKHS

Malware Config

Targets

    • Blocklisted process makes network request

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks