General

  • Target

    Install.exe

  • Size

    4.1MB

  • Sample

    241119-tph1hssrbl

  • MD5

    453bee2b8e8a448bdb7ac22c1047230b

  • SHA1

    0f9c74d4b3658e2beb438a5bdef8ac73294e8f52

  • SHA256

    807e72c85ab94278d9e0bb16ce82c18762a609092ab9d35305db042d61cdddfd

  • SHA512

    a2fdf9176446617aadd645a05378eff7716d9855a36e13d1e4081d3695cad2bd8cd4c8ad7b773b7609c1feeb236615e466928b812234ca0ab17b745e9c958fac

  • SSDEEP

    98304:Sh1v9HjyVq2cnhtjxpNpaL8M+RzOtf6RbWJ2JncryoV7nqStUwifpceyK:STvRyVq5nnTNpa1YJxoxF6

Score
8/10

Malware Config

Targets

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Executes dropped EXE

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15
