General

  • Target

    119712b6c7d01cdbc28970b08d49961bd3ca6c60a799137e41ecb07d02148f1a

  • Size

    5.8MB

  • Sample

    240907-3nagesthka

  • MD5

    b213d28097652ff8ee1fad276fcd2127

  • SHA1

    3de4b4aee53a549c857e60a969b2fdc1a8a9261f

  • SHA256

    119712b6c7d01cdbc28970b08d49961bd3ca6c60a799137e41ecb07d02148f1a

  • SHA512

    aca3d6e7c5b930f09dd38692bf19731d6b373ede54d189aade5d304a4875c5228a242346dc1562d022284c4f4a161b94e52f3e13c80904787a1d0cac0aaf35df

  • SSDEEP

    98304:mWpS9L96Wo8FJ6zCohZ27WmwSWoK3qJAF3vL1AyytIRGkGqwlCwnScBKGGVB:mWpS9B6ucGo32d5dK3qJGvby0GkGqwne

Targets

    • Target

      ishredder-windows.msi

    • Size

      5.1MB

    • MD5

      b732d33fd6da8bbb35678d7bedfb9666

    • SHA1

      3b9a192ecd5fbccbb085c69fdf629cc791f8afc2

    • SHA256

      445950b4d135526c4cff89984ad9e768c61294458485802617d0a859d1726a71

    • SHA512

      826986f36b066d24a43c81d732df94fdd73d595cd613602b381faa6b25922bd3414e81725bd15774532d08f2f36ebe00aa940ea74f9742b7551f6556ac367649

    • SSDEEP

      98304:mB+WRu8z8e8D8a8u8jOtO4oDN0QWAkgGkMdJRAxNFX/K0I7B8e8x82878e8:Eu8VAZlIiO4oR06ZnMdJRWF9IVVq9kV

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      (x32bit.)_v7.0.21.01.09_patch.exe

    • Size

      869KB

    • MD5

      c93086c1c5258ab3cea9da16962e55c1

    • SHA1

      57f044687414559eab31daf03f8d5359972142ea

    • SHA256

      f0fb26657e185c344980cd2d3d96a02db0182d4af96e20fbd34c55f12bf19260

    • SHA512

      254864ac98ae2d271c7b720e7c09152c84529ec3bb7d7ab17a5d99db882349a2006c28f58032dc0aa22397118186e481ce80fc6db797dffacf788ea5c2370d29

    • SSDEEP

      12288:QaHnE8PJrjULTheHDLqW+KKfe6LXXyfWgEKFq1a7lRB3NoqwdkDecCBrVmmot6XK:ZHExLlol1nFgwlDN9De5oQXKByh4

    Score
    7/10
    • Loads dropped DLL

    • Target

      (x64bit.)_v7.0.21.01.09_patch.exe

    • Size

      853KB

    • MD5

      61c6de9ef2d61f6d77de86f9b3d6f848

    • SHA1

      a1e434c61d797122cbb345b28ccbc90d2a0a76df

    • SHA256

      ba5fc4658d6a7f57f9794725aff0d09489680fe3b9c818d682dab6a8eb795606

    • SHA512

      fd6240a863462af7dfcdd6f0c5e8001762427aa88c9e3a89b0ca6b16b6a4c16885dba1334b15f4c0ce9b8122c28b301eb3ec4d8ea41872c685845a4b2c9e5801

    • SSDEEP

      24576:Bv+nMxZlyVc/Is38RGI5hrAZr0i0pcnggWlV:pjnlQcws36Gr14V

    Score
    7/10
    • Loads dropped DLL
