94eb8f79aeaea587b912a969fd4948f4ad8f4c319ca6b1d3bd822f8f7c98c992 | Triage

Submit
Reports

Overview

overview

8

Static

static

5

94eb8f79ae...92.exe

windows7-x64

8

94eb8f79ae...92.exe

windows10-2004-x64

8

Sharing

General

Target

94eb8f79aeaea587b912a969fd4948f4ad8f4c319ca6b1d3bd822f8f7c98c992
Size

1.3MB
Sample

221121-2x6esaea4w
MD5

4c625d979cf42fff54f081a6167ab1a3
SHA1

1c498eeb940b9c9eefaaccd0b5915ce54e32826f
SHA256

94eb8f79aeaea587b912a969fd4948f4ad8f4c319ca6b1d3bd822f8f7c98c992
SHA512

e61c8d3acc548a507d58d639cc4fdd2d6bdf53797933c1b8214cbbb3bb811041dfa94936e589737622ff40fdc0ba6d9cdb97b24f5f4ace5568722664e4bea689
SSDEEP

24576:Ftb20pkaCqT5TBWgNQ7a23nY/Jj2seTbf+U7Y9cVTg1IytSXheX9Hh6A:2Vg5tQ7aIn709AyYXhYb5

Score

8^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

94eb8f79aeaea587b912a969fd4948f4ad8f4c319ca6b1d3bd822f8f7c98c992.exe

Resource

win7-20220812-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

94eb8f79aeaea587b912a969fd4948f4ad8f4c319ca6b1d3bd822f8f7c98c992.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  94eb8f79aeaea587b912a969fd4948f4ad8f4c319ca6b1d3bd822f8f7c98c992
- Size
  
  1.3MB
- MD5
  
  4c625d979cf42fff54f081a6167ab1a3
- SHA1
  
  1c498eeb940b9c9eefaaccd0b5915ce54e32826f
- SHA256
  
  94eb8f79aeaea587b912a969fd4948f4ad8f4c319ca6b1d3bd822f8f7c98c992
- SHA512
  
  e61c8d3acc548a507d58d639cc4fdd2d6bdf53797933c1b8214cbbb3bb811041dfa94936e589737622ff40fdc0ba6d9cdb97b24f5f4ace5568722664e4bea689
- SSDEEP
  
  24576:Ftb20pkaCqT5TBWgNQ7a23nY/Jj2seTbf+U7Y9cVTg1IytSXheX9Hh6A:2Vg5tQ7aIn709AyYXhYb5
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy