General
-
Target
118c1187c5b37ab9c4f9f39500d777c0a914c379d853439608157379dcb71772.msi
-
Size
1.8MB
-
Sample
241113-nw4mxavkaq
-
MD5
b62391ef588987e34030159325987a21
-
SHA1
7c8d0c37a8dd4d9f5c9447f7d6f78926d05d6d2d
-
SHA256
118c1187c5b37ab9c4f9f39500d777c0a914c379d853439608157379dcb71772
-
SHA512
a4ae63f9cd71d78303cdd1d3aa9e7bfad36e735b773210a26a2af4907aa6ee63e9edc2959a2f1eb9999808727bbdec523e430d3dc91d4bdc603c829b53e5432a
-
SSDEEP
49152:9acTt5QDGgYBkx5upDun9RaUnxKvmP4vMbu5yxig:RwYBkhaU8vm
Static task
static1
Behavioral task
behavioral1
Sample
118c1187c5b37ab9c4f9f39500d777c0a914c379d853439608157379dcb71772.msi
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
118c1187c5b37ab9c4f9f39500d777c0a914c379d853439608157379dcb71772.msi
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Use of msiexec (install) with remote resource
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-