91456e34ecd161f317f5f2597c1e1c4ceb046c889fec76f5cdf556c262c4077e | Triage

Submit
Reports

Overview

overview

8

Static

static

91456e34ec...7e.exe

windows7-x64

8

91456e34ec...7e.exe

windows10-2004-x64

8

Sharing

General

Target

91456e34ecd161f317f5f2597c1e1c4ceb046c889fec76f5cdf556c262c4077e
Size

293KB
Sample

221123-qyg8ssac2x
MD5

436b2f12d84073b60a65b2aa9b56b640
SHA1

9960b5a4a1c3466bb67072f72977b0198278ebb0
SHA256

91456e34ecd161f317f5f2597c1e1c4ceb046c889fec76f5cdf556c262c4077e
SHA512

3a0f3333a735e64e01f0ac957886270dcf973f0eb364cd827ef360fd6016d2b3a031c70d04a3030a43628c97e584eab14cdd0af317dfbb1e362c545d382c266a
SSDEEP

6144:5OG0nzWPEcpkPH+HCJsfR9t8AC+1RVQpEcWe+zMAM+SUUB3GfI8:L0yPEyQsfdMUUgIAhSh9sb

Score

8^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

91456e34ecd161f317f5f2597c1e1c4ceb046c889fec76f5cdf556c262c4077e.exe

Resource

win7-20221111-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

91456e34ecd161f317f5f2597c1e1c4ceb046c889fec76f5cdf556c262c4077e.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  91456e34ecd161f317f5f2597c1e1c4ceb046c889fec76f5cdf556c262c4077e
- Size
  
  293KB
- MD5
  
  436b2f12d84073b60a65b2aa9b56b640
- SHA1
  
  9960b5a4a1c3466bb67072f72977b0198278ebb0
- SHA256
  
  91456e34ecd161f317f5f2597c1e1c4ceb046c889fec76f5cdf556c262c4077e
- SHA512
  
  3a0f3333a735e64e01f0ac957886270dcf973f0eb364cd827ef360fd6016d2b3a031c70d04a3030a43628c97e584eab14cdd0af317dfbb1e362c545d382c266a
- SSDEEP
  
  6144:5OG0nzWPEcpkPH+HCJsfR9t8AC+1RVQpEcWe+zMAM+SUUB3GfI8:L0yPEyQsfdMUUgIAhSh9sb
Score

8^/10

persistence
- Sets file execution options in registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Checks for any installed AV software in registry
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Security Software Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy