General

  • Target

    081140.7z

  • Size

    35.2MB

  • Sample

    241121-kq6njazrdz

  • MD5

    e869a051f52711b43f551484f4db2e1b

  • SHA1

    5e4d35983a1f5d6f63854cff60bcf3f082466dbc

  • SHA256

    102fa87868d13ae5527dc3f538641581bfb9e3203497ceccc119916df6e1d032

  • SHA512

    6d405bae9da5b1d265b05c5878179bc3499889a542c28669b2afbdbd429f972c0fc9261560de7f0c6f0c780e982887d1811dc7397e1a4ada5dffd0885754f61a

  • SSDEEP

    786432:MUtuesh/uc6d9b/+LosTrx6bRa7uzvzBY1eQM4cRsZdMSoZF+4G:Aesh2nd9TUxNuz9OCRsMdrtG

Targets

    • Target

      081140.7z

    • Size

      35.2MB

    • MD5

      e869a051f52711b43f551484f4db2e1b

    • SHA1

      5e4d35983a1f5d6f63854cff60bcf3f082466dbc

    • SHA256

      102fa87868d13ae5527dc3f538641581bfb9e3203497ceccc119916df6e1d032

    • SHA512

      6d405bae9da5b1d265b05c5878179bc3499889a542c28669b2afbdbd429f972c0fc9261560de7f0c6f0c780e982887d1811dc7397e1a4ada5dffd0885754f61a

    • SSDEEP

      786432:MUtuesh/uc6d9b/+LosTrx6bRa7uzvzBY1eQM4cRsZdMSoZF+4G:Aesh2nd9TUxNuz9OCRsMdrtG

    • Score

      7/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      use password 704.7z

    • Size

      35.2MB

    • MD5

      700142963aa62a58866861d1768bdabe

    • SHA1

      1d2eb175284ca568c02cb4c64a8259020327967a

    • SHA256

      5618bea2cfaedb3a9c1aa9b95389b2d124568a3b98c3abbf39f77c0e56e49752

    • SHA512

      848b033e228b73bd6f2a84b4adc9c36e957c7dced2236c62c3cc46e931e2b5b38e7a7a35cc8dd44f7d3828cd34455f197a9c15716ae6798b0b8e59b8569e9004

    • SSDEEP

      786432:yd24Ie/4bpbiOKBR8l6FKJ3NjHyjPJjnMuVggN8fOudh47/+rDS:6Ie/StiOOYJsjP9BifBhwGXS

    • Score

      1/10

    • Target

      setup.msi

    • Size

      64.5MB

    • MD5

      58b4627725e80ca0b93d1d7277f445b3

    • SHA1

      3574cb5de829731dc22ea9fe6545c66b9334db2c

    • SHA256

      b0f9e7accdcce6c2042c21bdbdf0d3fbd5819ae058f20abf943352bf952b66bc

    • SHA512

      ec64f0ded7b098c6d65d06c2371b851b23dd7f5cd122434baf3dd84398afc3da312f4551d2346c71a16daf2cd1a15831b354ab46554c46eaeafdd404d9af296e

    • SSDEEP

      1572864:fiVmrjV7eIjiOTZqLnsZ50myGd6gDUihExPZw6lZ3+k:NqnsZ5YQTDvuhw6l

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
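The "Enumerates connected drives" signature reported for both 081140.7z and setup.msi above is defined as reads of the root path of drives other than C:. The Python below is an added example, not part of this report and not the sandbox's own rule: it applies that definition to a handful of constructed Process Monitor-style CSV events (the process names, paths and results are made up) and flags any process that touched the root of more than one non-system drive. Failed opens (for example a drive letter that is not present) are counted, because the signature is about the attempt, not the outcome.

```python
"""
Drive-enumeration check over Process Monitor-style events.

Added illustration of the sandbox signature "Enumerates connected drives"
(attempts to read the root path of hard drives other than C:). This is not
the sandbox's rule; the sample events below are constructed and the process
names are hypothetical.
"""
import csv
import io
import re
from collections import defaultdict

# Constructed sample: Process Name, Operation, Path, Result
SAMPLE_EVENTS = """\
Process Name,Operation,Path,Result
setup.exe,CreateFile,C:\\Users\\user\\AppData\\Local\\Temp\\payload.dll,SUCCESS
setup.exe,CreateFile,D:\\,SUCCESS
setup.exe,QueryDirectory,D:\\*,SUCCESS
setup.exe,CreateFile,E:\\,NO SUCH DEVICE
setup.exe,CreateFile,F:\\,SUCCESS
explorer.exe,CreateFile,C:\\,SUCCESS
notepad.exe,CreateFile,C:\\Users\\user\\notes.txt,SUCCESS
"""

# A bare drive root: "X:\" or a root directory listing "X:\*"; nothing deeper.
ROOT_PATH = re.compile(r"^(?P<drive>[A-Z]):\\\*?$", re.IGNORECASE)


def drive_roots_touched(events_csv: str, system_drive: str = "C") -> dict:
    """Map each process to the sorted non-system drive letters whose root it opened.

    Attempts are counted regardless of the Result column, since the signature
    describes the attempt to read the root, not whether the read succeeded.
    """
    touched = defaultdict(set)
    for row in csv.DictReader(io.StringIO(events_csv)):
        match = ROOT_PATH.match(row["Path"].strip())
        if not match:
            continue
        drive = match.group("drive").upper()
        if drive == system_drive.upper():
            continue  # opening C:\ is ordinary; only other drives are interesting
        touched[row["Process Name"]].add(drive)
    return {proc: sorted(drives) for proc, drives in touched.items()}


def enumerates_connected_drives(events_csv: str, min_drives: int = 2) -> list:
    """Processes that probed the roots of at least `min_drives` non-system drives.

    The threshold (an assumption of this example, not the sandbox's value)
    separates a program that legitimately opens one removable drive from one
    that walks every drive letter.
    """
    return sorted(
        proc
        for proc, drives in drive_roots_touched(events_csv).items()
        if len(drives) >= min_drives
    )


if __name__ == "__main__":
    for proc, drives in drive_roots_touched(SAMPLE_EVENTS).items():
        print(f"{proc}: touched roots of {', '.join(drives)}")
    print("flagged:", enumerates_connected_drives(SAMPLE_EVENTS))
```

On the constructed events, setup.exe is flagged for D:, E: and F: while explorer.exe, which only opened C:\, is not. When applied to real Process Monitor exports, the same regex works on the Path column; paths with trailing whitespace or a trailing `*` from directory queries are handled, but a rule built on this should also consider `QueryVolumeInformation` calls and `GetLogicalDrives`-style API traces if the tracing tool records them.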

MITRE ATT&CK Enterprise v15