IOC Report
IndexUNE.msi

Files

| File Path | Type | Category | Malicious |
| --- | --- | --- | --- |
| IndexUNE.msi | Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Create Time/Date: Mon Jun 21 08:00:00 1999, Name of Creating Application: Windows Installer, Security: 1, Code page: 1252, Template: Intel;3082, Number of Pages: 200, Revision Number: {7D975D03-538A-48F2-AACF-AE7D6EDCECE4}, Title: IndexUNE, Author: UNE, Number of Words: 2, Last Saved Time/Date: Mon Jul 5 07:45:52 2021, Last Printed: Mon Jul 5 07:45:52 2021 | initial sample | |
| C:\Users\user\AppData\Local\Temp\CFGBE40.tmp | XML 1.0 document, ASCII text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\MSI9233.tmp | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | dropped | |
| C:\Users\user\AppData\Local\Temp\MSIBD37.tmp | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | dropped | |

Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Windows\System32\msiexec.exe | "C:\Windows\System32\msiexec.exe" /i "C:\Users\user\Desktop\IndexUNE.msi" | |
| C:\Windows\System32\msiexec.exe | C:\Windows\system32\msiexec.exe /V | |
| C:\Windows\SysWOW64\msiexec.exe | C:\Windows\syswow64\MsiExec.exe -Embedding A0F386CF98DB4E24AA5349D70FAD0015 C | |