f0c0bd00a6c044eb6fae9638e0b037e60127d93e28cfdc54d0f2d30100c4cd39 | Triage

Sharing

General

Target

f0c0bd00a6c044eb6fae9638e0b037e60127d93e28cfdc54d0f2d30100c4cd39.msi
Size

2.5MB
Sample

241012-cfyk6s1ejn
MD5

0d4ccbe309876c174ca8670619896d5f
SHA1

15a2d708a9a2c159ddd4280beae39dc1b9c66e34
SHA256

f0c0bd00a6c044eb6fae9638e0b037e60127d93e28cfdc54d0f2d30100c4cd39
SHA512

1818f20609dae2fd7f9e80f8fb618c126fd1d65b63b039c1196040773282ade6db3eee0f375892048d39d0f63b583e9eea378ba9ff785584d14d1b308a964986
SSDEEP

49152:MsxjoeRK8UXtBqGhZOb69QOHu5KKwGr3ULUcePBrFI:Mleudjuu7gKKwhLPeJrFI

Score

6^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  f0c0bd00a6c044eb6fae9638e0b037e60127d93e28cfdc54d0f2d30100c4cd39.msi
- Size
  
  2.5MB
- MD5
  
  0d4ccbe309876c174ca8670619896d5f
- SHA1
  
  15a2d708a9a2c159ddd4280beae39dc1b9c66e34
- SHA256
  
  f0c0bd00a6c044eb6fae9638e0b037e60127d93e28cfdc54d0f2d30100c4cd39
- SHA512
  
  1818f20609dae2fd7f9e80f8fb618c126fd1d65b63b039c1196040773282ade6db3eee0f375892048d39d0f63b583e9eea378ba9ff785584d14d1b308a964986
- SSDEEP
  
  49152:MsxjoeRK8UXtBqGhZOb69QOHu5KKwGr3ULUcePBrFI:Mleudjuu7gKKwhLPeJrFI
Score

6^/10

discovery persistence privilege_escalation
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Installer Packages

Privilege Escalation

Event Triggered Execution

Installer Packages

Defense Evasion

System Binary Proxy Execution

Msiexec

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation