ea581c00eb93dd9d7909f9c73d346b0cd42e2d4ec7943a8a0f63fac4218e0e73 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

spacedesk_...23.msi

windows11-21h2-x64

8

Sharing

General

Target

spacedesk_driver_Win_10_64_v2123.msi
Size

4.7MB
Sample

241013-tmh8havfmf
MD5

07db314cd098c23a5c8717f939475cc6
SHA1

a941be961b9b6153ab149a5e0f3297546a2b370b
SHA256

ea581c00eb93dd9d7909f9c73d346b0cd42e2d4ec7943a8a0f63fac4218e0e73
SHA512

111dd03c3db9ce020ae6a8be01dbc6c8eef9d082e79dd47aff839ccc379b73e69b792c98d218acd9eb2430c2d154ca624f8ab9a62ad87e93cf24da09b16b854e
SSDEEP

98304:k5W7SouwDgr37H5QzpEs8WeLf+UkPthDE16bA:Zz8rVApEskLf1G3Dvb

Score

8^/10

discovery persistence privilege_escalation

Static task

static1

Behavioral task

behavioral1

Sample

spacedesk_driver_Win_10_64_v2123.msi

Resource

win11-20241007-en

discovery persistence privilege_escalation

windows11-21h2-x64

23 signatures

150 seconds

Malware Config

Targets

- Target
  
  spacedesk_driver_Win_10_64_v2123.msi
- Size
  
  4.7MB
- MD5
  
  07db314cd098c23a5c8717f939475cc6
- SHA1
  
  a941be961b9b6153ab149a5e0f3297546a2b370b
- SHA256
  
  ea581c00eb93dd9d7909f9c73d346b0cd42e2d4ec7943a8a0f63fac4218e0e73
- SHA512
  
  111dd03c3db9ce020ae6a8be01dbc6c8eef9d082e79dd47aff839ccc379b73e69b792c98d218acd9eb2430c2d154ca624f8ab9a62ad87e93cf24da09b16b854e
- SSDEEP
  
  98304:k5W7SouwDgr37H5QzpEs8WeLf+UkPthDE16bA:Zz8rVApEskLf1G3Dvb
Score

8^/10

discovery persistence privilege_escalation
- Drops file in Drivers directory
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Installer Packages

Privilege Escalation

Event Triggered Execution

Installer Packages

Defense Evasion

System Binary Proxy Execution

Msiexec

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

© 2018-2024

Terms | Privacy