e48ac1ba65a8acaa7000a4f5c237bba7a95386e4b0fd021afa33e1bd8215b676 | Triage

Submit
Reports

Overview

overview

8

Static

static

e48ac1ba65...76.exe

windows7-x64

8

e48ac1ba65...76.exe

windows10-2004-x64

8

Sharing

General

Target

e48ac1ba65a8acaa7000a4f5c237bba7a95386e4b0fd021afa33e1bd8215b676
Size

241KB
Sample

221123-hmnmfahf31
MD5

32e42ab434c0f650929be9eed7a09649
SHA1

123441fe918d7072a9c402c21d4b9996a4e0c0e2
SHA256

e48ac1ba65a8acaa7000a4f5c237bba7a95386e4b0fd021afa33e1bd8215b676
SHA512

0dab029975c3bd50d39e0bbaebb7f009ec7215285b72e0acd0a8bc4ef08751f6a0ced311796747201d890e9e0e0f462349eaa5eb605526d1df3cab7bdec98aa9
SSDEEP

6144:zZXBsWqsE/Ao+mv8Qv0LVmwq4FU0nN876NKxXCATB1Z:lXmwRo+mv8QD4+0N46NKxXRZ

Score

8^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

e48ac1ba65a8acaa7000a4f5c237bba7a95386e4b0fd021afa33e1bd8215b676.exe

Resource

win7-20221111-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

e48ac1ba65a8acaa7000a4f5c237bba7a95386e4b0fd021afa33e1bd8215b676.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  e48ac1ba65a8acaa7000a4f5c237bba7a95386e4b0fd021afa33e1bd8215b676
- Size
  
  241KB
- MD5
  
  32e42ab434c0f650929be9eed7a09649
- SHA1
  
  123441fe918d7072a9c402c21d4b9996a4e0c0e2
- SHA256
  
  e48ac1ba65a8acaa7000a4f5c237bba7a95386e4b0fd021afa33e1bd8215b676
- SHA512
  
  0dab029975c3bd50d39e0bbaebb7f009ec7215285b72e0acd0a8bc4ef08751f6a0ced311796747201d890e9e0e0f462349eaa5eb605526d1df3cab7bdec98aa9
- SSDEEP
  
  6144:zZXBsWqsE/Ao+mv8Qv0LVmwq4FU0nN876NKxXCATB1Z:lXmwRo+mv8QD4+0N46NKxXRZ
Score

8^/10

discovery
- Blocklisted process makes network request
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy