General
-
Target
pbom_inst_1.4_beta(x64).msi
-
Size
3.4MB
-
Sample
240807-wyh3zsverh
-
MD5
8455de183203cac17b2ab05c91d99d2b
-
SHA1
dff77899736418eb0a593f53cac2611a175bd76c
-
SHA256
3ec6c7f6a2a9b6e89b3318a18c01a0c3b3c93c8937e8d14e69488b658a0f88f5
-
SHA512
1afbc4149099dffdf2ac1a91222934dbe9a06764ff7a34dbb8a766f8f36b0537bae4d4bd972dbbcfacb75bd8c7f4bd1379d5aa27dbe842c8d6f977c7a0411e96
-
SSDEEP
49152:pdDB/3Nn7BxwuIIwrG0IwrGn7FTNh4ZZtlLMbm70ei1s8eLHyTySuQJUuDK:Bdn7BxwuITDTINiZZtlLMbmi1d2yAQq
Malware Config
Targets
-
-
Target
pbom_inst_1.4_beta(x64).msi
-
Size
3.4MB
-
MD5
8455de183203cac17b2ab05c91d99d2b
-
SHA1
dff77899736418eb0a593f53cac2611a175bd76c
-
SHA256
3ec6c7f6a2a9b6e89b3318a18c01a0c3b3c93c8937e8d14e69488b658a0f88f5
-
SHA512
1afbc4149099dffdf2ac1a91222934dbe9a06764ff7a34dbb8a766f8f36b0537bae4d4bd972dbbcfacb75bd8c7f4bd1379d5aa27dbe842c8d6f977c7a0411e96
-
SSDEEP
49152:pdDB/3Nn7BxwuIIwrG0IwrGn7FTNh4ZZtlLMbm70ei1s8eLHyTySuQJUuDK:Bdn7BxwuITDTINiZZtlLMbmi1d2yAQq
Score6/10-
Downloads MZ/PE file
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
MITRE ATT&CK Enterprise v15
Persistence
Event Triggered Execution
2Component Object Model Hijacking
1Installer Packages
1Privilege Escalation
Event Triggered Execution
2Component Object Model Hijacking
1Installer Packages
1