fcd26d2f2eaa8fb6b1426434c8b58b54dd136fa41b60a228b825236dc2e6116d | Triage

Submit
Reports

Overview

overview

8

Static

static

fcd26d2f2e...6d.exe

windows7-x64

8

fcd26d2f2e...6d.exe

windows10-2004-x64

8

Sharing

General

Target

fcd26d2f2eaa8fb6b1426434c8b58b54dd136fa41b60a228b825236dc2e6116d
Size

24KB
Sample

221019-qgfcwahcc2
MD5

925044a12beb1f5e87e0e50b123ac108
SHA1

8865b8ad52bc7a1bd0cdabd7bbd62b0bc190b001
SHA256

fcd26d2f2eaa8fb6b1426434c8b58b54dd136fa41b60a228b825236dc2e6116d
SHA512

b88d95aec1aaf2af0727ae8d4b878f412cf15173d59575831bc20e2ea60f62728f3460fbe22616835920b2b9e940471fb3eba925bef7bc44850d097e1cf86917
SSDEEP

384:4L+q5r+PpHfXhUkKvI4QwjQNa5KDJMgDT4U0x:4a4r+PpHfXGLOFXUU0x

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

fcd26d2f2eaa8fb6b1426434c8b58b54dd136fa41b60a228b825236dc2e6116d.exe

Resource

win7-20220812-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

fcd26d2f2eaa8fb6b1426434c8b58b54dd136fa41b60a228b825236dc2e6116d.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  fcd26d2f2eaa8fb6b1426434c8b58b54dd136fa41b60a228b825236dc2e6116d
- Size
  
  24KB
- MD5
  
  925044a12beb1f5e87e0e50b123ac108
- SHA1
  
  8865b8ad52bc7a1bd0cdabd7bbd62b0bc190b001
- SHA256
  
  fcd26d2f2eaa8fb6b1426434c8b58b54dd136fa41b60a228b825236dc2e6116d
- SHA512
  
  b88d95aec1aaf2af0727ae8d4b878f412cf15173d59575831bc20e2ea60f62728f3460fbe22616835920b2b9e940471fb3eba925bef7bc44850d097e1cf86917
- SSDEEP
  
  384:4L+q5r+PpHfXhUkKvI4QwjQNa5KDJMgDT4U0x:4a4r+PpHfXGLOFXUU0x
Score

8^/10
- Drops file in Drivers directory
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops desktop.ini file(s)
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy