729ac3c86c5848c5c1b18c714c38e2e9514c9c010e1f8462270e82269a2399a8 | Triage

Submit
Reports

Overview

overview

Static

static

3

729ac3c86c...a8.exe

windows10_x64

Sharing

General

Target

729ac3c86c5848c5c1b18c714c38e2e9514c9c010e1f8462270e82269a2399a8.exe
Size

8.6MB
Sample

211022-kjdzyaccbp
MD5

a9f696f6e753202bbb0d5e31d6248f04
SHA1

711f0c9cafaeca25675f37de88525153f383c346
SHA256

729ac3c86c5848c5c1b18c714c38e2e9514c9c010e1f8462270e82269a2399a8
SHA512

3e44bfb295ef9e1512c7b639749afc735827d926c395a21f4fddb0aebe1429ff141f67c3ba9d4e62d6d0aabb73b81cb8685d9428ec54ab34e4328e52b58a583c

Score

10^/10

pyinstaller

Static task

static1

Behavioral task

behavioral1

Sample

729ac3c86c5848c5c1b18c714c38e2e9514c9c010e1f8462270e82269a2399a8.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  729ac3c86c5848c5c1b18c714c38e2e9514c9c010e1f8462270e82269a2399a8.exe
- Size
  
  8.6MB
- MD5
  
  a9f696f6e753202bbb0d5e31d6248f04
- SHA1
  
  711f0c9cafaeca25675f37de88525153f383c346
- SHA256
  
  729ac3c86c5848c5c1b18c714c38e2e9514c9c010e1f8462270e82269a2399a8
- SHA512
  
  3e44bfb295ef9e1512c7b639749afc735827d926c395a21f4fddb0aebe1429ff141f67c3ba9d4e62d6d0aabb73b81cb8685d9428ec54ab34e4328e52b58a583c
Score

10^/10
- Suspicious use of NtCreateProcessExOtherParentProcess
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy