1e9360d7fd51efef5bd8c7d90c5a50183d01f02bac1f5f548dd908a2723d8257 | Triage

Submit
Reports

Overview

overview

6

Static

static

1

SolarWinds....1.exe

windows7-x64

6

SolarWinds....1.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

General

Target

SolarWinds-DesktopToolset-v2024.2.1.exe
Size

392.8MB
Sample

241009-w6zqps1epp
MD5

f2c220a192470d15d1764582a2ad99b8
SHA1

014859c8068f34129ea18f5523dad6a295df16c8
SHA256

1e9360d7fd51efef5bd8c7d90c5a50183d01f02bac1f5f548dd908a2723d8257
SHA512

1c53f7346a5f8f90b27d16bf7573b91f7e65a8c5b0b74cc0ae4941c26ac47806f969e5782ec3b031b8eaa4daf18942be361aca1100c5fa3e931d5fd8ed9704bd
SSDEEP

12582912:LsF/PLvAj6GEJhYVEverPLt0AC2nJmxiCwjgFS:gdvA+GSALt0ApJmx8jgM

Score

6^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

SolarWinds-DesktopToolset-v2024.2.1.exe

Resource

win7-20240704-en

windows7-x64

21 signatures

150 seconds

Behavioral task

behavioral2

Sample

SolarWinds-DesktopToolset-v2024.2.1.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

21 signatures

150 seconds

Malware Config

Targets

- Target
  
  SolarWinds-DesktopToolset-v2024.2.1.exe
- Size
  
  392.8MB
- MD5
  
  f2c220a192470d15d1764582a2ad99b8
- SHA1
  
  014859c8068f34129ea18f5523dad6a295df16c8
- SHA256
  
  1e9360d7fd51efef5bd8c7d90c5a50183d01f02bac1f5f548dd908a2723d8257
- SHA512
  
  1c53f7346a5f8f90b27d16bf7573b91f7e65a8c5b0b74cc0ae4941c26ac47806f969e5782ec3b031b8eaa4daf18942be361aca1100c5fa3e931d5fd8ed9704bd
- SSDEEP
  
  12582912:LsF/PLvAj6GEJhYVEverPLt0AC2nJmxiCwjgFS:gdvA+GSALt0ApJmx8jgM
Score

6^/10

discovery
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Time Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy