0fa41ef1fdafc8802949cc226b5ef2f8986ce09d2b26f0562b18b4a62c459609 | Triage

Submit
Reports

Overview

overview

8

Static

static

unknown.exe

windows10-2004-x64

8

Sharing

General

Target

unknown.exe.vir
Size

1.9MB
Sample

220920-htb7zsfgel
MD5

9d3b27b3a999b235deceb897431d9cad
SHA1

caf056a08abe9dc8dc63ccb93609ad811c248937
SHA256

0fa41ef1fdafc8802949cc226b5ef2f8986ce09d2b26f0562b18b4a62c459609
SHA512

a695f864a69112b6ffed501c2b2fa0652106915e9292c64b005fc668bc0b4f7ece0b2cfe5a525cf018c0389b65f32e12a29376d50689573d6322ee486562cb6e
SSDEEP

24576:u7FUDowAyrTVE3U5FmqT7z1klhAhH6m5x7awFhJdNo69lOy7KTijlA:uBuZrEUL3ilhAZv55DdN7POGjG

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

unknown.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

11 signatures

300 seconds

Malware Config

Targets

- Target
  
  unknown.exe.vir
- Size
  
  1.9MB
- MD5
  
  9d3b27b3a999b235deceb897431d9cad
- SHA1
  
  caf056a08abe9dc8dc63ccb93609ad811c248937
- SHA256
  
  0fa41ef1fdafc8802949cc226b5ef2f8986ce09d2b26f0562b18b4a62c459609
- SHA512
  
  a695f864a69112b6ffed501c2b2fa0652106915e9292c64b005fc668bc0b4f7ece0b2cfe5a525cf018c0389b65f32e12a29376d50689573d6322ee486562cb6e
- SSDEEP
  
  24576:u7FUDowAyrTVE3U5FmqT7z1klhAhH6m5x7awFhJdNo69lOy7KTijlA:uBuZrEUL3ilhAZv55DdN7POGjG
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy