Resubmissions

14-08-2024 19:23  240814-x39l6svbpk  6

14-08-2024 19:15  240814-xyma3syhng  6

14-08-2024 19:14  240814-xxwhcsyhjh  8

General

  • Target

    H2M Launcher_0.12.0_x64_en-US (1).msi

  • Size

    9.7MB

  • Sample

    240814-x39l6svbpk

  • MD5

    8d970001c7e13b7e3cc4fd3a025a1770

  • SHA1

    38c1252823985eb212e2a8bfdaed2df2d555b67d

  • SHA256

    6659e4a6a0327dfa5d2580ca37b3e628fb4adf9031c107e3209cad1d9b29e711

  • SHA512

    cfcf12f9454cdca50ad9fa6f151f125cb4b74afff19d603429b7e773c1046d6fd72992fcaa01ff20c4d6088b5a19c7e44680a7354fb8205dec556471f2d4c486

  • SSDEEP

    196608:+USFXEnISE/hCK6I+oFm3q6rLznPTzOrHJF0C9yIVxJP:iXEnISE/Pkg0X4X0CHx

Malware Config

Targets

    • Target

      H2M Launcher_0.12.0_x64_en-US (1).msi

    • Size

      9.7MB


    • Checks whether UAC is enabled

    • Downloads MZ/PE file

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Event Triggered Execution: Image File Execution Options Injection

    • Network Share Discovery

      Attempts to gather information on the host network.

    • Detected potential entity reuse from the Microsoft brand.

    • Drops file in System32 directory

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
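The registry-based signatures above (IFEO injection, COM hijacking and the UAC check) are each recognisable from the key path and value name a process writes or reads. The following is an added example, not code from the sandbox or from the report above, that runs that kind of rule over a handful of constructed registry events; the event tuples, the hypothetical process and file names, and the exact key patterns matched are assumptions for illustration, and a match is a lead for a triager, not a verdict.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample events in the shape a sandbox might log registry activity:
# (process, operation, key path, value name, data). Illustrative only; these are
# not events from the report above.
SAMPLE_EVENTS = [
    ("msiexec.exe", "RegSetValue",
     r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe",
     "Debugger", r"C:\Users\Public\updater.exe"),
    ("msiexec.exe", "RegSetValue",
     r"HKCU\Software\Classes\CLSID\{0000000A-1111-2222-3333-444444444444}\InprocServer32",
     "(Default)", r"C:\Users\Public\helper.dll"),
    ("msiexec.exe", "RegSetValue",
     r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe",
     "MitigationOptions", "0x100"),  # IFEO key, but not a Debugger value: no finding
    ("svchost.exe", "RegQueryValue",
     r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System",
     "EnableLUA", "1"),
]

# IFEO: a Debugger value under Image File Execution Options\<exe> makes Windows
# launch that path instead of <exe>; SilentProcessExit\<exe> MonitorProcess is
# the other IFEO persistence location (ATT&CK T1546.012).
IFEO_RE = re.compile(
    r"^HKLM\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows NT\\CurrentVersion\\"
    r"Image File Execution Options\\(?P<target>[^\\]+\.exe)$", re.IGNORECASE)
SILENT_EXIT_RE = re.compile(
    r"^HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\SilentProcessExit\\"
    r"(?P<target>[^\\]+\.exe)$", re.IGNORECASE)
# COM hijack: a per-user CLSID server registration is consulted before the
# machine-wide one for non-elevated processes (ATT&CK T1546.015).
COM_RE = re.compile(
    r"^HKCU\\Software\\Classes\\CLSID\\(?P<clsid>\{[0-9A-F-]{36}\})\\"
    r"(?P<server>InprocServer32|LocalServer32)$", re.IGNORECASE)
# UAC status is read from EnableLUA under this policy key.
UAC_KEY = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"


@dataclass(frozen=True)
class Finding:
    technique: str
    process: str
    detail: str


def classify(event) -> Optional[Finding]:
    """Map one registry event to a finding, or None if no rule matches."""
    process, op, key, name, data = event
    if op == "RegSetValue":
        m = IFEO_RE.match(key)
        if m and name.lower() == "debugger":
            return Finding("T1546.012 IFEO Injection", process, f"{m['target']} -> {data}")
        m = SILENT_EXIT_RE.match(key)
        if m and name.lower() == "monitorprocess":
            return Finding("T1546.012 IFEO Injection", process, f"{m['target']} -> {data}")
        m = COM_RE.match(key)
        if m and name in ("(Default)", ""):
            return Finding("T1546.015 COM Hijacking", process,
                           f"{m['clsid']} {m['server']} -> {data}")
    if (op == "RegQueryValue" and key.lower() == UAC_KEY.lower()
            and name.lower() == "enablelua"):
        return Finding("UAC status check", process, f"EnableLUA={data}")
    return None


def scan(events) -> list:
    """Run every event through the rules and keep the hits, in event order."""
    return [f for f in map(classify, events) if f is not None]


if __name__ == "__main__":
    for finding in scan(SAMPLE_EVENTS):
        print(f"{finding.technique:28} {finding.process:14} {finding.detail}")
```

The third constructed event shows why the value name matters: an installer touching an IFEO key is not by itself an injection, only a Debugger (or MonitorProcess) write is. In a real triage the matched path and data would be pivoted on, for example by checking whether the file the Debugger value points at was also dropped by the same installer.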

MITRE ATT&CK Enterprise v15

Tasks