General

  • Target

    bd479d266d399cc82669857aef8bf8b108cb5fd42730da6565dd563df022f0a5.msi

  • Size

    17.6MB

  • Sample

    240823-mbebva1bmj

  • MD5

    ce12de24c0c3b7d34fb03195c3969265

  • SHA1

    0561d9d3d4dfded43cdd3087d8cb7147eab9e4fd

  • SHA256

    bd479d266d399cc82669857aef8bf8b108cb5fd42730da6565dd563df022f0a5

  • SHA512

    078ca6b0abdb01941b1d9c9d7c5a13a6ede4171df77058069a82e943306502077ebe76a3f215504fa79d13261ed3b8a57f618c9ec85dbe717e2bbe1f2a68ff9d

  • SSDEEP

    393216:HgTZNBsW5aieKUfQ2l+4PEl+R53X+/yTENtOvMXdUEY/X:ATTCW5aiLUfQ2pEly3cNtVXdUt/

Targets

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
