9ca113ba5614a85fdab4cf43439a8a020bd0d761db92f8748280d2f4ac8eca53 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

9ca113ba56...53.exe

windows7-x64

8

9ca113ba56...53.exe

windows10-2004-x64

8

Sharing

General

Target

9ca113ba5614a85fdab4cf43439a8a020bd0d761db92f8748280d2f4ac8eca53
Size

445KB
Sample

221123-mzm9nafd88
MD5

741ce948223437def56a95790f31edfb
SHA1

e861c494369ad956b20868fb492acfd1202a5690
SHA256

9ca113ba5614a85fdab4cf43439a8a020bd0d761db92f8748280d2f4ac8eca53
SHA512

53be5e4f8f61a0b70c6e37daa72b7349d4d451ac274bb452ec4c6d29e5d75263d3938a059c8dfd58e1a84932b8b672f4bf5bb2c8db1c03ee7ced91d9e4eb85c5
SSDEEP

6144:XzfYo1nJsxvgbXsXozdjh/yBdMM8y7ev6stxsdBacFZCSdbOmBi1cTU8sN+3ZBdR:EmJsxvg7siN+ivXj6acFTL3UryFZ3bFN

Score

8^/10

discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9ca113ba5614a85fdab4cf43439a8a020bd0d761db92f8748280d2f4ac8eca53.exe

Resource

win7-20220812-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

9ca113ba5614a85fdab4cf43439a8a020bd0d761db92f8748280d2f4ac8eca53.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  9ca113ba5614a85fdab4cf43439a8a020bd0d761db92f8748280d2f4ac8eca53
- Size
  
  445KB
- MD5
  
  741ce948223437def56a95790f31edfb
- SHA1
  
  e861c494369ad956b20868fb492acfd1202a5690
- SHA256
  
  9ca113ba5614a85fdab4cf43439a8a020bd0d761db92f8748280d2f4ac8eca53
- SHA512
  
  53be5e4f8f61a0b70c6e37daa72b7349d4d451ac274bb452ec4c6d29e5d75263d3938a059c8dfd58e1a84932b8b672f4bf5bb2c8db1c03ee7ced91d9e4eb85c5
- SSDEEP
  
  6144:XzfYo1nJsxvgbXsXozdjh/yBdMM8y7ev6stxsdBacFZCSdbOmBi1cTU8sN+3ZBdR:EmJsxvg7siN+ivXj6acFTL3UryFZ3bFN
Score

8^/10

discovery
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy