9b84c89ad461ffaf73f49c70aa6d564e573cd7e077b0b5fd2c75129191c110ef | Triage

Submit
Reports

Overview

overview

8

Static

static

Spark.exe

windows10-2004-x64

8

Sharing

General

Target

Spark.exe
Size

117.5MB
Sample

221029-r5gfhsbbh3
MD5

12cd2323eb2ee55e9e5b123d482c4a89
SHA1

cfe2166e6fecaedc14975816806df3140b92e07d
SHA256

9b84c89ad461ffaf73f49c70aa6d564e573cd7e077b0b5fd2c75129191c110ef
SHA512

63a92998e8232867518ccdc8b19fb7af8b07619428114184c764655e2764026eb6abc88c679a2208ecc3eaf842e549855e0feea6b04efbcd8b7374dae38ea104
SSDEEP

3145728:F5JQO8QzwhpKXaw6Zr1/DVLpjVC5Ui74gPScQqoaxfkC7xOPAQzO/wm:T8QdXmJtxCbfKjSgzBm

Score

8^/10

discovery persistence

Static task

static1

Behavioral task

behavioral1

Sample

Spark.exe

Resource

win10v2004-20220812-en

discovery persistence

windows10-2004-x64

15 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Spark.exe
- Size
  
  117.5MB
- MD5
  
  12cd2323eb2ee55e9e5b123d482c4a89
- SHA1
  
  cfe2166e6fecaedc14975816806df3140b92e07d
- SHA256
  
  9b84c89ad461ffaf73f49c70aa6d564e573cd7e077b0b5fd2c75129191c110ef
- SHA512
  
  63a92998e8232867518ccdc8b19fb7af8b07619428114184c764655e2764026eb6abc88c679a2208ecc3eaf842e549855e0feea6b04efbcd8b7374dae38ea104
- SSDEEP
  
  3145728:F5JQO8QzwhpKXaw6Zr1/DVLpjVC5Ui74gPScQqoaxfkC7xOPAQzO/wm:T8QdXmJtxCbfKjSgzBm
Score

8^/10

discovery persistence
- Executes dropped EXE
- Registers COM server for autorun
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

© 2018-2025

Terms | Privacy