General

  • Target

    WinDirStat-x64.msi

  • Size

    2.4MB

  • Sample

    241113-ws29nsznep

  • MD5

    5ee636d9fac960438a2fb3d7ee497ada

  • SHA1

    86b3c750357cc4e3ab823a9c28e72c94dc705688

  • SHA256

    ef11b9f1ac15cb15b8d7ecb634120583d326789b4f7e567e3a7a2209f7bd7f64

  • SHA512

    0e2ee022b381c3468c804c7344ff16310bbb31164e6e3bac7939a32215e114bd90e02106fd290fa6d1f41b8eb4129956700080825644c6e6f977e68c50e8a05e

  • SSDEEP

    24576:esaGFCcGQRFbujhb+yUT8YM/XjT0H0Gb2VmAk9ryddEhzGBaZ6+xmmfUz:yxJ5+n8PTnGiZddEhzqdkmms

Targets

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
