74e0dfb6b8fb66ed62252811acf1ea90b9d63ed835c0c820557312dca42cc7e6 | Triage

Submit
Reports

Overview

overview

Static

static

74e0dfb6b8...e6.exe

windows7-x64

74e0dfb6b8...e6.exe

windows10-2004-x64

Sharing

General

Target

74e0dfb6b8fb66ed62252811acf1ea90b9d63ed835c0c820557312dca42cc7e6
Size

1.7MB
Sample

220725-fbav4afcaq
MD5

8f94bc5cacfd1fbfcb09a94958adfd1d
SHA1

3930dbb9a0d13331acfb232a39aae879d4a3437c
SHA256

74e0dfb6b8fb66ed62252811acf1ea90b9d63ed835c0c820557312dca42cc7e6
SHA512

c5e3bcdf679789bba2bdab1fc0bd3da91e4e9f4a2ad8c4d7ce12594631e8cf4a44002d954b52a907d28028f5870b871b59cc4cbcb0f6ec6e0e19a331a29010bd

Score

10^/10

persistence suricata

Static task

static1

Behavioral task

behavioral1

Sample

74e0dfb6b8fb66ed62252811acf1ea90b9d63ed835c0c820557312dca42cc7e6.exe

Resource

win7-20220715-en

persistence suricata

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

74e0dfb6b8fb66ed62252811acf1ea90b9d63ed835c0c820557312dca42cc7e6.exe

Resource

win10v2004-20220721-en

persistence suricata

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  74e0dfb6b8fb66ed62252811acf1ea90b9d63ed835c0c820557312dca42cc7e6
- Size
  
  1.7MB
- MD5
  
  8f94bc5cacfd1fbfcb09a94958adfd1d
- SHA1
  
  3930dbb9a0d13331acfb232a39aae879d4a3437c
- SHA256
  
  74e0dfb6b8fb66ed62252811acf1ea90b9d63ed835c0c820557312dca42cc7e6
- SHA512
  
  c5e3bcdf679789bba2bdab1fc0bd3da91e4e9f4a2ad8c4d7ce12594631e8cf4a44002d954b52a907d28028f5870b871b59cc4cbcb0f6ec6e0e19a331a29010bd
Score

10^/10

persistence suricata
- suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
  suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
  suricata
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencesuricata

behavioral2

persistencesuricata

© 2018-2024

Terms | Privacy