Resubmissions

07/04/2025, 17:19

250407-vv4pvayl17 10

07/04/2025, 14:55

250407-sar47swjs2 10

General

  • Target

    FortiClientInstaller.exe

  • Size

    1.3MB

  • Sample

    250407-vv4pvayl17

  • MD5

    56ad9dbcf52a0a88e254be81b6fd3334

  • SHA1

    981ea76962733330e35d027b2b89c8ba08c2c8d1

  • SHA256

    7b399ccced1048d15198aeb67d6bcc49ebd88c7ac484811a7000b9e79a5aac90

  • SHA512

    6f3d1789eeebb03db3e1407f5e92b1c17d4136d171c2df09fd79c845e49e47f73a5f229f4e54be9f836ef7222c732e98f3b4ee6529077392d3d007a9afe0e856

  • SSDEEP

    24576:0IWONZguqUO7j/vDnrUf6clUVIA6JGybfUPH/1gCKUmdrEH7fZ:0+ZyUOn/vDrQeVIJGyIvJSQZ

Score
10/10

Malware Config

Extracted

Family

hijackloader

Attributes
  • directory

    %APPDATA%\m545JfQz5

  • inject_dll

    %windir%\SysWOW64\pla.dll

xor.hex

Targets

    • Target

      FortiClientInstaller.exe

    • Size

      1.3MB

    Score
    1/10
