2f2aba1e074f5f4baa08b524875461889f8f04d4ffc43972ac212e286022ab94 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

Windows Loader.exe

windows7_x64

Windows Loader.exe

windows10_x64

7

Sharing

General

Target

Windows Loader.exe
Size

3.8MB
Sample

210724-9wp9rb3yle
MD5

323c0fd51071400b51eedb1be90a8188
SHA1

0efc35935957c25193bbe9a83ab6caa25a487ada
SHA256

2f2aba1e074f5f4baa08b524875461889f8f04d4ffc43972ac212e286022ab94
SHA512

4c501c7135962e2f02b68d6069f2191ddb76f990528dacd209955a44972122718b9598400ba829abab2d4345b4e1a4b93453c8e7ba42080bd492a34cf8443e7e

Score

8^/10

discovery exploit upx

Static task

static1

Behavioral task

behavioral1

Sample

Windows Loader.exe

Resource

win7v20210410

discovery exploit

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Windows Loader.exe

Resource

win10v20210408

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Windows Loader.exe
- Size
  
  3.8MB
- MD5
  
  323c0fd51071400b51eedb1be90a8188
- SHA1
  
  0efc35935957c25193bbe9a83ab6caa25a487ada
- SHA256
  
  2f2aba1e074f5f4baa08b524875461889f8f04d4ffc43972ac212e286022ab94
- SHA512
  
  4c501c7135962e2f02b68d6069f2191ddb76f990528dacd209955a44972122718b9598400ba829abab2d4345b4e1a4b93453c8e7ba42080bd492a34cf8443e7e
Score

8^/10

discovery exploit
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Permissions Modification

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryexploit

behavioral2

© 2018-2024

Terms | Privacy