General

  • Target

    ClickHeretodownload.msi

  • Size

    1.8MB

  • Sample

    241112-qx8pcsteqm

  • MD5

    8e3b956cd68bd880a3df1ad7fb2bd27b

  • SHA1

    f4f65284ac3ecaaf5b9212db4faf0d7a58dd9ee5

  • SHA256

    df9cbb15689e690f9e7f08280e1eea217eda831ace9fafdfd9c72dd7617f9b88

  • SHA512

    1d6b13e1e95879b7f784794cf3d2f43560f1e53f24dd140808537bb03f118efd4a0c4a9ef115677f52c942dc71a1b0640d7be8c6ef4d821792b44f0d7decdb29

  • SSDEEP

    49152:GPTac/f9r84jEHYDgE5e7voP5Ferq7I5RJK5k1:pVHYDgpUxFe

Malware Config

Targets

    • Target

      ClickHeretodownload.msi

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks