b5961f407c0afef04c9406ba17cbae3fe4cc575b47e50081abbda0d96f9c0f18 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

SecuriteIn...96.exe

windows7_x64

8

SecuriteIn...96.exe

windows10_x64

8

Sharing

General

Target

SecuriteInfo.com.Generic.mg.850d8d031e7ef7af.27396
Size

17.2MB
Sample

201109-3zf2tttc4x
MD5

850d8d031e7ef7aff148df081191570b
SHA1

38f7c2796aee9c9c09a67e8c4c99a02d2ec1b346
SHA256

b5961f407c0afef04c9406ba17cbae3fe4cc575b47e50081abbda0d96f9c0f18
SHA512

84bbad6cd5d1d754da3bc7713e660061d08b2bd799599b554ed066dc76d9e008dd5a1f3e0dfe747612942d072d8c744c5ef749fd1bbf2ea4faf2f8f31bed72bd

Score

8^/10

discovery upx

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Generic.mg.850d8d031e7ef7af.27396.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Generic.mg.850d8d031e7ef7af.27396.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Generic.mg.850d8d031e7ef7af.27396
- Size
  
  17.2MB
- MD5
  
  850d8d031e7ef7aff148df081191570b
- SHA1
  
  38f7c2796aee9c9c09a67e8c4c99a02d2ec1b346
- SHA256
  
  b5961f407c0afef04c9406ba17cbae3fe4cc575b47e50081abbda0d96f9c0f18
- SHA512
  
  84bbad6cd5d1d754da3bc7713e660061d08b2bd799599b554ed066dc76d9e008dd5a1f3e0dfe747612942d072d8c744c5ef749fd1bbf2ea4faf2f8f31bed72bd
Score

8^/10

discovery
- Blacklisted process makes network request
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- JavaScript code in executable
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy