021c55e0f80853f48684eea06f4956ffe8449d0e13c29634182da6e231c6301e | Triage

Submit
Reports

Overview

overview

8

Static

static

021c55e0f8...1e.exe

windows7-x64

8

021c55e0f8...1e.exe

windows10-2004-x64

8

Sharing

General

Target

021c55e0f80853f48684eea06f4956ffe8449d0e13c29634182da6e231c6301e
Size

241KB
Sample

221123-hmn8zaeb34
MD5

7140593ad4bf56a07d7f63b1f3af6b1e
SHA1

cbe16be9232431e721ee3042b8b0873853acf695
SHA256

021c55e0f80853f48684eea06f4956ffe8449d0e13c29634182da6e231c6301e
SHA512

96ef2a539db34b8c82a4084ff7fcbe47e100b2f4f41cebab3e1b48a60e84cdc03c0aadbf710d1a3406dfa8633a9364fe8d69c837e0dedb51f09a45b43b2cd5e7
SSDEEP

6144:zZXBsWqsE/Ao+mv8Qv0LVmwq4FU0nN876NKxzUVO0IJO:lXmwRo+mv8QD4+0N46NKxzyzIJO

Score

8^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

021c55e0f80853f48684eea06f4956ffe8449d0e13c29634182da6e231c6301e.exe

Resource

win7-20221111-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

021c55e0f80853f48684eea06f4956ffe8449d0e13c29634182da6e231c6301e.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  021c55e0f80853f48684eea06f4956ffe8449d0e13c29634182da6e231c6301e
- Size
  
  241KB
- MD5
  
  7140593ad4bf56a07d7f63b1f3af6b1e
- SHA1
  
  cbe16be9232431e721ee3042b8b0873853acf695
- SHA256
  
  021c55e0f80853f48684eea06f4956ffe8449d0e13c29634182da6e231c6301e
- SHA512
  
  96ef2a539db34b8c82a4084ff7fcbe47e100b2f4f41cebab3e1b48a60e84cdc03c0aadbf710d1a3406dfa8633a9364fe8d69c837e0dedb51f09a45b43b2cd5e7
- SSDEEP
  
  6144:zZXBsWqsE/Ao+mv8Qv0LVmwq4FU0nN876NKxzUVO0IJO:lXmwRo+mv8QD4+0N46NKxzyzIJO
Score

8^/10

discovery
- Blocklisted process makes network request
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy