5792e156c48d279799a616b47d7a795efbdf2563581ef2c10f17733cd7cfd9b1 | Triage

Submit
Reports

Overview

overview

Static

static

5792e156c4...b1.exe

windows7-x64

5792e156c4...b1.exe

windows10-2004-x64

Sharing

General

Target

5792e156c48d279799a616b47d7a795efbdf2563581ef2c10f17733cd7cfd9b1
Size

412KB
Sample

220724-1d5tgahder
MD5

7a26bbd7b5942b49fc0a9cb7268bd030
SHA1

30659b4f335ececdfe272b6cddeb9dbb57ccd81b
SHA256

5792e156c48d279799a616b47d7a795efbdf2563581ef2c10f17733cd7cfd9b1
SHA512

68c04a97868fccce177cd395cf3dad72fa8f7a14917fa852efcd975b88aec0e2840b7d437e8ad57cd39eeaae31dc6fe38095509d15211c712f505abc71c17e53

Score

10^/10

persistence suricata

Static task

static1

Behavioral task

behavioral1

Sample

5792e156c48d279799a616b47d7a795efbdf2563581ef2c10f17733cd7cfd9b1.exe

Resource

win7-20220715-en

persistence suricata

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

5792e156c48d279799a616b47d7a795efbdf2563581ef2c10f17733cd7cfd9b1.exe

Resource

win10v2004-20220721-en

persistence suricata

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  5792e156c48d279799a616b47d7a795efbdf2563581ef2c10f17733cd7cfd9b1
- Size
  
  412KB
- MD5
  
  7a26bbd7b5942b49fc0a9cb7268bd030
- SHA1
  
  30659b4f335ececdfe272b6cddeb9dbb57ccd81b
- SHA256
  
  5792e156c48d279799a616b47d7a795efbdf2563581ef2c10f17733cd7cfd9b1
- SHA512
  
  68c04a97868fccce177cd395cf3dad72fa8f7a14917fa852efcd975b88aec0e2840b7d437e8ad57cd39eeaae31dc6fe38095509d15211c712f505abc71c17e53
Score

10^/10

persistence suricata
- suricata: ET MALWARE Possible Malicious Macro DL EXE Feb 2016
  suricata: ET MALWARE Possible Malicious Macro DL EXE Feb 2016
  suricata
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencesuricata

behavioral2

persistencesuricata

© 2018-2024

Terms | Privacy