9b0bcf400badc55d3acc1db7b9e086135ee2a87dd8e1f9bab2f4dbd642a51dfd | Triage

Sharing

General

Target

x64_x32_installer__v4.1.1.msi
Size

34.3MB
Sample

240823-qbbgqsvgme
MD5

d00dfa1254adae89e3d61f58ff09ba9b
SHA1

110b147dee11dc7fc5f9411f977e2f94f0259a91
SHA256

9b0bcf400badc55d3acc1db7b9e086135ee2a87dd8e1f9bab2f4dbd642a51dfd
SHA512

3c581c5437e33c61adfcd5dd0c41714ccbe8797556d4e8bc1941f5090a28120a6dee061e7f2acc6efe43d7ee43311ef13ee9215a99eb00d572f433669ee7499d
SSDEEP

786432:rt9sUyTDXySTjxA4Ztx2+G+N0WYQYBXPByttH+dktHEDv0y2beW:rt9M7xVLYjsp+ikJ2yW

Score

6^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  x64_x32_installer__v4.1.1.msi
- Size
  
  34.3MB
- MD5
  
  d00dfa1254adae89e3d61f58ff09ba9b
- SHA1
  
  110b147dee11dc7fc5f9411f977e2f94f0259a91
- SHA256
  
  9b0bcf400badc55d3acc1db7b9e086135ee2a87dd8e1f9bab2f4dbd642a51dfd
- SHA512
  
  3c581c5437e33c61adfcd5dd0c41714ccbe8797556d4e8bc1941f5090a28120a6dee061e7f2acc6efe43d7ee43311ef13ee9215a99eb00d572f433669ee7499d
- SSDEEP
  
  786432:rt9sUyTDXySTjxA4Ztx2+G+N0WYQYBXPByttH+dktHEDv0y2beW:rt9M7xVLYjsp+ikJ2yW
Score

6^/10

discovery persistence privilege_escalation
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Installer Packages

Privilege Escalation

Event Triggered Execution

Installer Packages

Defense Evasion

System Binary Proxy Execution

Msiexec

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation