Resubmissions

21/09/2024, 02:10

240921-clx7lazgrj 8

20/09/2024, 22:14

240920-15mrza1enp 8

General

  • Target

    CITROEN.msi

  • Size

    1.6MB

  • Sample

    240921-clx7lazgrj

  • MD5

    b9134d2ca1cb72f262c362ba304b0d07

  • SHA1

    e2fb74f18b4d0169e26a327ad2b7015bcba83581

  • SHA256

    c3f8ebc9cfb7ebe1ebbe3a4210753b271fecf73392fef98519b823a3e7c056c7

  • SHA512

    ba6c9b80b10639e743b7b0ca7dc78b7f8c8bbe1e9c66989a7889a19d82cac8f852f8bff9d4d7b6b7e7614ab1d45dd172327c50d3abcfbdd6ef62af800471a12c

  • SSDEEP

    49152:xv53YhW8zBQSc0ZnSKBZKumZr7ALFUSNH9:3YY0Zn3K/ALq+H

Targets

    • Target

      CITROEN.msi

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
