General

  • Target

    gugellqii-chrome--x64.msi.v

  • Size

    45.8MB

  • Sample

    240920-bnmyza1eje

  • MD5

    3aea4f76dc8afe4f1ed432e5e3fce44c

  • SHA1

    523156398a83bc2c37901d63f4f015d3a4112bf6

  • SHA256

    54b0b1ea164b67258568984368b942b11beba91cdd93e4647596d23845efac61

  • SHA512

    b730ec265c65ab160b381a72e9cf1f5bc520c2a7f317a22926305ad0c4ace6289bb2d3d594dccec4289cffd02d162f20d6047c1d8b6fed2ea0626c1d6316dd49

  • SSDEEP

    786432:bsJVB4Bkkf9RAhfodtGkr1wVSCZr/tqaK3d04uSQS/cgDkZF836LoELrXaXMdvSr:bxqi9RgFc1PPd05SQDggcodvS

Targets

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Drops file in Drivers directory

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
