Overview

overview

6

Static

static

1

MSTeamsSetup.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    MSTeamsSetup.exe

  • Size

    1.4MB

  • Sample

    241118-y6pxlsvfjn

  • MD5

    7ee6219d0f497752aa7f1c129ca50bc1

  • SHA1

    68bec1b6c594b6bdaf74b4062e4b3c477aa6a1ad

  • SHA256

    c8db62bed2305b35860ba601c926f664da5c49cb58db6e364f0ed2805af511f0

  • SHA512

    a91760aeb550d5683ce0222f40addb3507b79ccf10199c6c5a4773d3b3fc0bcf874360202bfcdca0871da5efe94b94b24fecb72dd5ebeca02939928c5a534094

  • SSDEEP

    24576:E9Yu8GgnSf7uw7J8qyKD0OIqKT//pIgl6A5H2TuDWkd3WZZ7SuW42C7Z32o3:zGMo7NSK/Iqwp/6A5Wgz501SuWYZ3V

Score
6/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      MSTeamsSetup.exe

    • Size

      1.4MB

    • MD5

      7ee6219d0f497752aa7f1c129ca50bc1

    • SHA1

      68bec1b6c594b6bdaf74b4062e4b3c477aa6a1ad

    • SHA256

      c8db62bed2305b35860ba601c926f664da5c49cb58db6e364f0ed2805af511f0

    • SHA512

      a91760aeb550d5683ce0222f40addb3507b79ccf10199c6c5a4773d3b3fc0bcf874360202bfcdca0871da5efe94b94b24fecb72dd5ebeca02939928c5a534094

    • SSDEEP

      24576:E9Yu8GgnSf7uw7J8qyKD0OIqKT//pIgl6A5H2TuDWkd3WZZ7SuW42C7Z32o3:zGMo7NSK/Iqwp/6A5Wgz501SuWYZ3V

    Score
    6/10
    discoverypersistenceprivilege_escalation

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

      persistenceprivilege_escalation
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks