b5b7b3f8d02604894fea421f9f6b6d47150e958d822b6038df3d3ff599fea569 | Triage

Sharing

General

Target

host6.3.msi
Size

7.3MB
Sample

240807-tjd5datfpe
MD5

9a854e28b0756b607d151ba315e67d3c
SHA1

a3ad57995fc1980680a8db2a05fbf77d39989f83
SHA256

b5b7b3f8d02604894fea421f9f6b6d47150e958d822b6038df3d3ff599fea569
SHA512

1f288e470b1af99d89e20b0d1a622df56c7c6e59f63ad8388fba3d5e1d3b1deb99077b1cd59541a46edfa55e001908e6a3fd69bea96e696eee6e455a7e8e59a8
SSDEEP

98304:uYyYaKeS0cyBZuhUd3S4mHXbReA7+GcsdfR4fTZIQtdawGEhWFG7OFV3mEQjGV+q:vmpFMUM4mNYGceflQdzG1Ek3NQjUPx

Score

6^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  host6.3.msi
- Size
  
  7.3MB
- MD5
  
  9a854e28b0756b607d151ba315e67d3c
- SHA1
  
  a3ad57995fc1980680a8db2a05fbf77d39989f83
- SHA256
  
  b5b7b3f8d02604894fea421f9f6b6d47150e958d822b6038df3d3ff599fea569
- SHA512
  
  1f288e470b1af99d89e20b0d1a622df56c7c6e59f63ad8388fba3d5e1d3b1deb99077b1cd59541a46edfa55e001908e6a3fd69bea96e696eee6e455a7e8e59a8
- SSDEEP
  
  98304:uYyYaKeS0cyBZuhUd3S4mHXbReA7+GcsdfR4fTZIQtdawGEhWFG7OFV3mEQjGV+q:vmpFMUM4mNYGceflQdzG1Ek3NQjUPx
Score

6^/10

discovery persistence privilege_escalation
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Installer Packages

Privilege Escalation

Event Triggered Execution

Installer Packages

Defense Evasion

System Binary Proxy Execution

Msiexec

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation