Overview

overview

10

Static

static

10

CyberSecure Pro.msi

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    CyberSecure Pro.msi

  • Size

    9.3MB

  • Sample

    250413-rm4s4axxaw

  • MD5

    f1eefdb0865e3b5dcf1115cdcf4bd4ba

  • SHA1

    d918c5cc45b9a97898af579c058e509f227f87b6

  • SHA256

    5558b04220e017f2a69fd88c575ec9450bde361049e42fd67501a0f89ba21834

  • SHA512

    879052b5114b4a3f23917b75b713db23d06e454185ac1fb2c72b4fa0b70bf17fe68284f5c0bbf3e29643c76bef2feb5b5052df1a713589d35d692f83cca94975

  • SSDEEP

    196608:3i5QuZL4+qjtvelQP6XTIVqLbS6l4qZf1uozsXG:dua0lQAr14Jo4XG

Score
10/10
hijackloaderdiscoveryspywarestealer

Malware Config

Extracted

Family

hijackloader

Attributes
  • directory

    %APPDATA%\HUT_Quick

  • inject_dll

    %windir%\SysWOW64\pla.dll

xor.hex

Targets

    • Target

      CyberSecure Pro.msi

    • Size

      9.3MB

    • MD5

      f1eefdb0865e3b5dcf1115cdcf4bd4ba

    • SHA1

      d918c5cc45b9a97898af579c058e509f227f87b6

    • SHA256

      5558b04220e017f2a69fd88c575ec9450bde361049e42fd67501a0f89ba21834

    • SHA512

      879052b5114b4a3f23917b75b713db23d06e454185ac1fb2c72b4fa0b70bf17fe68284f5c0bbf3e29643c76bef2feb5b5052df1a713589d35d692f83cca94975

    • SSDEEP

      196608:3i5QuZL4+qjtvelQP6XTIVqLbS6l4qZf1uozsXG:dua0lQAr14Jo4XG

    Score
    6/10
    discoveryspywarestealer

    • Downloads MZ/PE file

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v16

Tasks