General
-
Target
d49dc3c37a54d126716d7fba2fdb17ad60784928369daf344626c29da6405076.msi.vir
-
Size
103.2MB
-
Sample
241110-m8jylavmev
-
MD5
d5efae8993719271d7a647b2e30820e0
-
SHA1
147bd566d23248a99a3c3f3fdb472d610e44fa8b
-
SHA256
d49dc3c37a54d126716d7fba2fdb17ad60784928369daf344626c29da6405076
-
SHA512
cf28beb363a63de73c1d77a794638f121413c2ad66d767da452d3b301752a7d5838ac9a5c4f782c7a1e85cdadb6e2da7567c18f904394b0df3e75e14f23b4f92
-
SSDEEP
3145728:X7tgGpqMqdZElpXle4AQuTi7lDX8CL2RuPtcwb2Cr18k0gdt:xDpq1fEle4juOx4XREcwb260
Static task
static1
Behavioral task
behavioral1
Sample
d49dc3c37a54d126716d7fba2fdb17ad60784928369daf344626c29da6405076.msi
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
d49dc3c37a54d126716d7fba2fdb17ad60784928369daf344626c29da6405076.msi
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
d49dc3c37a54d126716d7fba2fdb17ad60784928369daf344626c29da6405076.msi.vir
-
Size
103.2MB
-
MD5
d5efae8993719271d7a647b2e30820e0
-
SHA1
147bd566d23248a99a3c3f3fdb472d610e44fa8b
-
SHA256
d49dc3c37a54d126716d7fba2fdb17ad60784928369daf344626c29da6405076
-
SHA512
cf28beb363a63de73c1d77a794638f121413c2ad66d767da452d3b301752a7d5838ac9a5c4f782c7a1e85cdadb6e2da7567c18f904394b0df3e75e14f23b4f92
-
SSDEEP
3145728:X7tgGpqMqdZElpXle4AQuTi7lDX8CL2RuPtcwb2Cr18k0gdt:xDpq1fEle4juOx4XREcwb260
-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Installer Packages
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Installer Packages
1