854f026f4e3071e41c828edcb350c049b74211ce7b653d8161a32d345257afcf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

软件包安装.msi
Size

1.8MB
Sample

241004-e78lkayepc
MD5

ba615bbffbb5a4604ee2ddf9a2972333
SHA1

229540b47f5248997257946a0fab693c070ed436
SHA256

854f026f4e3071e41c828edcb350c049b74211ce7b653d8161a32d345257afcf
SHA512

6c0b2f108e06873c3d09e8f0f9a20583b134a356b9cb775d44f4ee3a0807ad7d86b30b7aa60eafdd6dbf6fdf18f0f70ec0b45fef66f31ac4adb214511388d4bb
SSDEEP

49152:r3YYgIR6zuEV571wHtGXLTi1Qn0UkFyr:r3cya1wNcMQ9e

Score

6^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  软件包安装.msi
- Size
  
  1.8MB
- MD5
  
  ba615bbffbb5a4604ee2ddf9a2972333
- SHA1
  
  229540b47f5248997257946a0fab693c070ed436
- SHA256
  
  854f026f4e3071e41c828edcb350c049b74211ce7b653d8161a32d345257afcf
- SHA512
  
  6c0b2f108e06873c3d09e8f0f9a20583b134a356b9cb775d44f4ee3a0807ad7d86b30b7aa60eafdd6dbf6fdf18f0f70ec0b45fef66f31ac4adb214511388d4bb
- SSDEEP
  
  49152:r3YYgIR6zuEV571wHtGXLTi1Qn0UkFyr:r3cya1wNcMQ9e
Score

6^/10

persistence privilege_escalation
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Installer Packages

Privilege Escalation

Event Triggered Execution

Installer Packages

Defense Evasion

System Binary Proxy Execution

Msiexec

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation