General

  • Target

    cispro_installer.exe

  • Size

    84.9MB

  • Sample

    250704-pxgp7sszey

  • MD5

    fb3705b29ec51f2f09ddd66e3d55e0c5

  • SHA1

    b2ece3006626fa5e9a1bf45a0259b82cdcd22380

  • SHA256

    9ba85f49276a94d335553631bff096f370f17671f0fa6914dd884e7719d05f83

  • SHA512

    5ed20a5f6548ad6e84a272220420442390e6b7abb88528ec43c988a2cd3f0df20fb05a37a0a0b87eb1f3ac1e231fcde9f70407bbea8bf18cec53cc49f13ffece

  • SSDEEP

    1572864:eXdgNOu6/Iu53EUrNauTkUJza+uQaH4uRIEiUMvZShFSe+mWnJHB:Oju6/h5tTdRaueZikHSGWlB

Targets

    • Target

      cispro_installer.exe

    • Checks for any installed AV software in registry

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
