Overview

overview

8

Static

static

1

Installer (3).msi

windows7-x64

Installer (3).msi

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Installer (3).msi

  • Size

    12.4MB

  • Sample

    241121-p546gashjn

  • MD5

    0b6f567d2d08cf51fab3a4c156973ec5

  • SHA1

    3693e4e6eb7ac5fad966c77eb4b38cd2cc4c9a20

  • SHA256

    55bcd5d30a281d4df8ab11da0b6bc8773ee09b9da0537f826ae9bfa06d91b441

  • SHA512

    d9fda950dcb9811e0e3c1d5542933754286fb5335e4062ab49622aba86636ab771f02c6d0d9c46942f2dc9c6d0c86bc3057d862fbd35483fd7e60a635a8048b0

  • SSDEEP

    196608:E34AwVjpluzSl00psVS1HmLPFKwurgtJfG/u8WA/5w8jKcxRi5ilN6QCfjhKb0:RAwVjpD6S2/uoJfe1RwSLTNT

Score
8/10
discoveryexecutionpersistence

Malware Config

Targets

    • Target

      Installer (3).msi

    • Size

      12.4MB

    • MD5

      0b6f567d2d08cf51fab3a4c156973ec5

    • SHA1

      3693e4e6eb7ac5fad966c77eb4b38cd2cc4c9a20

    • SHA256

      55bcd5d30a281d4df8ab11da0b6bc8773ee09b9da0537f826ae9bfa06d91b441

    • SHA512

      d9fda950dcb9811e0e3c1d5542933754286fb5335e4062ab49622aba86636ab771f02c6d0d9c46942f2dc9c6d0c86bc3057d862fbd35483fd7e60a635a8048b0

    • SSDEEP

      196608:E34AwVjpluzSl00psVS1HmLPFKwurgtJfG/u8WA/5w8jKcxRi5ilN6QCfjhKb0:RAwVjpD6S2/uoJfe1RwSLTNT

    Score
    8/10
    discoveryexecutionpersistence

    • Creates new service(s)

      persistenceexecution

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks