fa8b7c248496f1cf913f9691091901c11877070110d240673b3dd947f46093fd | Triage

Sharing

General

Target

fa8b7c248496f1cf913f9691091901c11877070110d240673b3dd947f46093fd.msi
Size

2.9MB
Sample

241002-b5ad7svcnd
MD5

3b99d6ddf8dda188ba5596d25eb5082d
SHA1

97f0218ba3529184dda5ffad538b2e511c9a11e2
SHA256

fa8b7c248496f1cf913f9691091901c11877070110d240673b3dd947f46093fd
SHA512

889577435fc8415b20d4632b6df5d78907dc6d66f26a33b9639009eadee6d80e6c477702e9b7e8a5b45dd911df82d274d27e4b5ea9f1478d2ed79f937f460db4
SSDEEP

49152:6/fZzerSX55NaiU0o8P5Ferq7I5RJK5k1Q/Y02gCQsG592CB6b0Wk:airSxdxFeb02b

Score

6^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  fa8b7c248496f1cf913f9691091901c11877070110d240673b3dd947f46093fd.msi
- Size
  
  2.9MB
- MD5
  
  3b99d6ddf8dda188ba5596d25eb5082d
- SHA1
  
  97f0218ba3529184dda5ffad538b2e511c9a11e2
- SHA256
  
  fa8b7c248496f1cf913f9691091901c11877070110d240673b3dd947f46093fd
- SHA512
  
  889577435fc8415b20d4632b6df5d78907dc6d66f26a33b9639009eadee6d80e6c477702e9b7e8a5b45dd911df82d274d27e4b5ea9f1478d2ed79f937f460db4
- SSDEEP
  
  49152:6/fZzerSX55NaiU0o8P5Ferq7I5RJK5k1Q/Y02gCQsG592CB6b0Wk:airSxdxFeb02b
Score

6^/10

discovery persistence privilege_escalation
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Installer Packages

Privilege Escalation

Event Triggered Execution

Installer Packages

Defense Evasion

System Binary Proxy Execution

Msiexec

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation