General
Target: 723c5657fa6c7b60e0dc195a7250af56603b4be485042540397f703f266ee1ba
Size: 11.3MB
Sample: 241121-qypymssnbv
MD5: f01a5a7c09da908ad7044b148a35cbde
SHA1: 7af2ad072e3c0e3311349cf6791c50a47eb9d17b
SHA256: 723c5657fa6c7b60e0dc195a7250af56603b4be485042540397f703f266ee1ba
SHA512: eea54a69626371902b6d67616d8b8681b032c9ee2086b613e43e0505e73754f1de0da85717224dd593e0f9877379d0e4240dfb7ff2909ecf90a8ae5563d0e40d
SSDEEP: 196608:j3PGYCrloNiTzzpTwvSnhUcyu590uuHax97odMieIx5CnZuU9J40+ubHB0w6b+87:zGtK6zzcSLZjuG97GFTCow40PHiw6b+o
Static task: static1
Behavioral task: behavioral1
Sample: Installer.msi
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: Installer.msi
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: Installer.msi
Size: 12.4MB
MD5: 0b6f567d2d08cf51fab3a4c156973ec5
SHA1: 3693e4e6eb7ac5fad966c77eb4b38cd2cc4c9a20
SHA256: 55bcd5d30a281d4df8ab11da0b6bc8773ee09b9da0537f826ae9bfa06d91b441
SHA512: d9fda950dcb9811e0e3c1d5542933754286fb5335e4062ab49622aba86636ab771f02c6d0d9c46942f2dc9c6d0c86bc3057d862fbd35483fd7e60a635a8048b0
SSDEEP: 196608:E34AwVjpluzSl00psVS1HmLPFKwurgtJfG/u8WA/5w8jKcxRi5ilN6QCfjhKb0:RAwVjpD6S2/uoJfe1RwSLTNT
Creates new service(s)

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Installer Packages (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Installer Packages (1)