General

  • Target

    968085e9697d39f4bdb330d1b18e7c5903e55abe7fb4ebbf8e3ae816d7af5dc2.msi

  • Size

    64.6MB

  • Sample

    240829-b9gn3szbln

  • MD5

    76fcc34ca114d2461987e79d4ba74426

  • SHA1

    60498c15d00ceffce1fc000798cfee4fa414c56f

  • SHA256

    968085e9697d39f4bdb330d1b18e7c5903e55abe7fb4ebbf8e3ae816d7af5dc2

  • SHA512

    0424ad4cf5d3ea7b67e7bf3fa5c969143d832ca7449b384cb09db024731e3658446701489ff739123bd12668bc76dbd327f500d150137a31fc2f50ca5d57b662

  • SSDEEP

    1572864:nWvXF+e76KJ9I4OzKvmTq4aMh6zGORvApErPLpcNRc3xBKeB:AP5J9I9GWhC7vApEXNCI

Malware Config

Targets

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks