690c8a63769d444fad47b7ddecee7f24c9333aa735d0bd46587d0df5cf15cde5 | Triage

Submit
Reports

Overview

overview

8

Static

static

MediaCreat...H2.exe

windows7-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

MediaCreationTool21H2.exe
Size

18.6MB
Sample

221008-t587msfad3
MD5

aa2ad37bb74c05a49417e3d2f1bd89ce
SHA1

1bf5f814ffe801b4e6f118e829c0d2821d78a60a
SHA256

690c8a63769d444fad47b7ddecee7f24c9333aa735d0bd46587d0df5cf15cde5
SHA512

fab34ccbefbcdcec8f823840c16ae564812d0e063319c4eb4cc1112cf775b8764fea59d0bbafd4774d84b56e08c24056fa96f27425c4060e12eb547c2ae086cc
SSDEEP

196608:MmtHa+5hH1km/Sf7byFXKEBmih9S5rQ5FNFl001p4Ki:Y+5RB/SDbyFBH9eQD/l00/4

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

MediaCreationTool21H2.exe

Resource

win7-20220812-en

windows7-x64

17 signatures

1800 seconds

Malware Config

Targets

- Target
  
  MediaCreationTool21H2.exe
- Size
  
  18.6MB
- MD5
  
  aa2ad37bb74c05a49417e3d2f1bd89ce
- SHA1
  
  1bf5f814ffe801b4e6f118e829c0d2821d78a60a
- SHA256
  
  690c8a63769d444fad47b7ddecee7f24c9333aa735d0bd46587d0df5cf15cde5
- SHA512
  
  fab34ccbefbcdcec8f823840c16ae564812d0e063319c4eb4cc1112cf775b8764fea59d0bbafd4774d84b56e08c24056fa96f27425c4060e12eb547c2ae086cc
- SSDEEP
  
  196608:MmtHa+5hH1km/Sf7byFXKEBmih9S5rQ5FNFl001p4Ki:Y+5RB/SDbyFBH9eQD/l00/4
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy