General

  • Target

    Telegram (1).exe

  • Size

    63.0MB

  • Sample

    221026-pyyp4sffd3

  • MD5

    080b7d824208b46d8760c06a26b0977c

  • SHA1

    9284a3e46106359bdf04d96351d9797da54c313a

  • SHA256

    9c541e0fbaf1b42332747c5833ca8df9ab5d0ddc845a294ed19885b4c54b0236

  • SHA512

    9d2d9cc7ec71431ab691bb64cdd5ed04a79fa8dc8a3a45043f66e9712c38df1d802e36827ba401384741eceaa2abeb19c467bd62dc3a8d2072664559c249cc28

  • SSDEEP

    1572864:REAbAI3KXgIvqmikXony3HwJFz7/JWI0EyYvH9Vzp/dNmlQ:RR6XgIvlPLXwJRQIjvH9VVHt

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks