General

  • Target

    WindowsPackage.rar

  • Size

    209KB

  • Sample

    240902-ranaks1hlq

  • MD5

    d5a31e76593dfaca1e980b5906a46807

  • SHA1

    c068a76097312a8d87c5b87c16be74e4a2e1ffd1

  • SHA256

    0abbdb0ccc542b3b8ace6d1d125278a7b840553c3fc494d00b318cf7ead75d04

  • SHA512

    1012a5bacddc3eaa896aff0b9e7c184715f762c34a44837ce570da551e5e7e7666de2b4340264d761524ced8026bd894b062d0bc7f8e721618cb55df156d3303

  • SSDEEP

    6144:IgJtv7TBlAABtsv8ka+IrCz0e4vnAB6ZMINji:IgDvfBlrBtFk6WB4vnM6ZMINji

Score
8/10

Malware Config

Targets

    • Target

      WindowsPackage/WindowsPackage.exe

    • Size

      339KB

    • MD5

      ceaa5817a65e914aa178b28f12359a46

    • SHA1

      534a7ea9c67bab3e8f2d41977bf43d41dfe951cf

    • SHA256

      6c959cfb001fbb900958441dfd8b262fb33e052342948bab338775d3e83ef7f7

    • SHA512

      fef4c0b451d18a9eb73045b3ddcd44450294f06c616cc7175850e6315a6265bd077c8fd09782c486eea624145c7d4c18f8e00a94c0deb394900f9b3e70e60320

    • SSDEEP

      6144:tlsHe0BivO39zYpmH+kAzkA7ZUgbc6AYJ8rEdrEbAgMMV6NX5ZNeVgjYf:InIO39YAeNLFjAYarEdrEb5P6VxY

    Score
    8/10

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks