General
Target
qfgble.msi
Size
1.1MB
Sample
240814-bpad9stejb
MD5
571ce67021d1e2663969e19cd3400275
SHA1
e667a011bd0e85d1a07c18ce1ed404e41d63ad69
SHA256
76726dc074d748007e6fa6db864c8469b3a6e9ec0d5547fb97a01f33e4942264
SHA512
8f42e1f29b0bcde3fb889c39c3233610978bca7457d46c1ac0c99c9a6f4787e996a6cfcb80ea9504c015bc9c5f5d16e458f970c2171d185b339872592bb415e0
SSDEEP
24576:PEnRmJkcoQricOIQxiZY1iajw1OeYQ8PoW6GI2Nj:PEMJZoQrbTFZY1iac118PT6GJN
Static task
static1
Behavioral task
behavioral1
Sample
qfgble.msi
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
qfgble.msi
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
qfgble.msi
Score 6/10
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
AutoIT Executable
AutoIT scripts compiled to PE executables.
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
  Registry Run Keys / Startup Folder (1)
  Event Triggered Execution (1)
  Installer Packages (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
  Registry Run Keys / Startup Folder (1)
  Event Triggered Execution (1)
  Installer Packages (1)