Analysis

  • max time kernel
    92s
  • max time network
    95s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    10/11/2024, 21:20

General

  • Target

    GooberWasHereInstaller.exe

  • Size

    30.6MB

  • MD5

    9ef155ff8ec0904373cb5892299986ce

  • SHA1

    4d0d5ff53a3128a0602b2e407347df66da7a5b04

  • SHA256

    a0e416c96ea6bdf382b391682a7fc1226dc16dd4a2b68466dbe86ec427540f29

  • SHA512

    f39059c9a0155a55e8f4b4c5504cd633e2e336d6b3d6c4acdeff1b429fea190dda3c8439ad1027c6f9539699f15afa5ac4979947bc679cb9ca3d7bf80f53e0aa

  • SSDEEP

    786432:cEMMszwm8ZsfO0xBVuy/ZJddkuAizgitBotEyQai1OkXlpB7XMliXo:ckWwXZmO0Pwy//Drgi3otcR7B7Xo

Score
4/10

Malware Config

Signatures

  • Drops file in Program Files directory 10 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\GooberWasHereInstaller.exe
    "C:\Users\Admin\AppData\Local\Temp\GooberWasHereInstaller.exe"
    1⤵
    • Drops file in Program Files directory
    • System Location Discovery: System Language Discovery
    PID:3300

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads