General

  • Target

    a75287cc1412efff5df14e6e8a59cf38bdb3e2fbd60f19126671fe5493cee47b.msi

  • Size

    64.6MB

  • Sample

    240829-cdhryazdlk

  • MD5

    dde14d0e46b12f8a8c0cd770b905162c

  • SHA1

    a2d8c6e6bd927d1905bd174303a1dc5facf25590

  • SHA256

    a75287cc1412efff5df14e6e8a59cf38bdb3e2fbd60f19126671fe5493cee47b

  • SHA512

    6bd3467b1f61488aae4e8067f28f9462f14296f3c4312b12135ebeca3df2cc9c5c50a392edbe995a84f90cbc240d5b5d1979076235c53ab646ad9ccbe07dc481

  • SSDEEP

    1572864:YdvXF+e76KJ9I4OzKvmTq4aMh6zGORvApErPLpcNRc3xBKHR:uP5J9I9GWhC7vApEXNCH

Malware Config

Targets

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks