General

  • Target

    PGCTGZXFCD20242008.msi

  • Size

    64.6MB

  • Sample

    240821-l1kz9asbqd

  • MD5

    d65f0b1d9d478f6785edaece2f04b92a

  • SHA1

    cda3ad0a0c7c1c95497e2654978ed197e21c688f

  • SHA256

    2a7a97fe1b769f2b74ebd66c447708f5b5beb60bad5a53d05d7f428770ba2f62

  • SHA512

    cbbbc85be36b465b65af37f401d3f27ed1fa633bb8617ea10260aa80253e21ee3881887eb20d82494cd1eacde845c1c8ccb9d664a929fece9a6a6eac44ef4d7d

  • SSDEEP

    1572864:EzvXF+e76KJ9I4OzKvmTq4aMh6zGORvApErPLpcNRc3xBKCU9:iP5J9I9GWhC7vApEXNC19

Targets

    • Target

      PGCTGZXFCD20242008.msi

    • Command and Scripting Interpreter: PowerShell

      Executes commands via powershell.exe.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks