cae2701435d8dee63146793d9a2299eb6475da9d57bf3a37cc35c57e8585bc4a | Triage

Submit
Reports

Overview

overview

8

Static

static

cae2701435...4a.exe

windows7-x64

8

cae2701435...4a.exe

windows10-2004-x64

8

Sharing

General

Target

cae2701435d8dee63146793d9a2299eb6475da9d57bf3a37cc35c57e8585bc4a
Size

20KB
Sample

221030-gwv77sfba4
MD5

a3a1a1777ea7b10636a8147aecd54b40
SHA1

40ef01b23361866fb00468855d0ecc55dc50cc48
SHA256

cae2701435d8dee63146793d9a2299eb6475da9d57bf3a37cc35c57e8585bc4a
SHA512

56d4cfc379cf0be5fdb344749f2cda635550ea076d48e98aba19921e7ddae3ba650de2f289a669cb3936949d5cfa970cdd54e57a4f03fb45dfa7d86c6e881c45
SSDEEP

192:1l5E3krTuntKy0peHDfCpHfBv+I4QwXt9V+jqu0G5KDJBs3z:1M3PnQoHDCpHf4I4Qwdc0G5KDJC

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

cae2701435d8dee63146793d9a2299eb6475da9d57bf3a37cc35c57e8585bc4a.exe

Resource

win7-20220812-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

cae2701435d8dee63146793d9a2299eb6475da9d57bf3a37cc35c57e8585bc4a.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  cae2701435d8dee63146793d9a2299eb6475da9d57bf3a37cc35c57e8585bc4a
- Size
  
  20KB
- MD5
  
  a3a1a1777ea7b10636a8147aecd54b40
- SHA1
  
  40ef01b23361866fb00468855d0ecc55dc50cc48
- SHA256
  
  cae2701435d8dee63146793d9a2299eb6475da9d57bf3a37cc35c57e8585bc4a
- SHA512
  
  56d4cfc379cf0be5fdb344749f2cda635550ea076d48e98aba19921e7ddae3ba650de2f289a669cb3936949d5cfa970cdd54e57a4f03fb45dfa7d86c6e881c45
- SSDEEP
  
  192:1l5E3krTuntKy0peHDfCpHfBv+I4QwXt9V+jqu0G5KDJBs3z:1M3PnQoHDCpHf4I4Qwdc0G5KDJC
Score

8^/10
- Drops file in Drivers directory
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops desktop.ini file(s)
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy