3f61bec1882148de74b1bd7678946b7258e3a6ceab00b735523c7e840fc2ccac | Triage

Submit
Reports

Overview

overview

8

Static

static

3f61bec188...ac.exe

windows7-x64

8

3f61bec188...ac.exe

windows10-2004-x64

8

Sharing

General

Target

3f61bec1882148de74b1bd7678946b7258e3a6ceab00b735523c7e840fc2ccac
Size

224KB
Sample

221123-rvtyvsce7z
MD5

8574d049d1c39d4694a0707415e448d3
SHA1

49a0b17e74c86c239694ab06ca17ac1b11b3fc93
SHA256

3f61bec1882148de74b1bd7678946b7258e3a6ceab00b735523c7e840fc2ccac
SHA512

b360015fbd268f17526be898dbb9047abad7ff273718e6ee2e9167ef19e0cabceb7f23b752a61b433ff98bb4f630dfdbaf4b76d155b66aa20a6492613db1c2ff
SSDEEP

3072:7lnYUOOXhMRJD9SbR3SOibFRM2Vb59GevDdNFE1tTzk3II6+0iAX2C:iBOxY8bR3Sbi2559lrGbTzks2C

Score

8^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

3f61bec1882148de74b1bd7678946b7258e3a6ceab00b735523c7e840fc2ccac.exe

Resource

win7-20221111-en

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

3f61bec1882148de74b1bd7678946b7258e3a6ceab00b735523c7e840fc2ccac.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  3f61bec1882148de74b1bd7678946b7258e3a6ceab00b735523c7e840fc2ccac
- Size
  
  224KB
- MD5
  
  8574d049d1c39d4694a0707415e448d3
- SHA1
  
  49a0b17e74c86c239694ab06ca17ac1b11b3fc93
- SHA256
  
  3f61bec1882148de74b1bd7678946b7258e3a6ceab00b735523c7e840fc2ccac
- SHA512
  
  b360015fbd268f17526be898dbb9047abad7ff273718e6ee2e9167ef19e0cabceb7f23b752a61b433ff98bb4f630dfdbaf4b76d155b66aa20a6492613db1c2ff
- SSDEEP
  
  3072:7lnYUOOXhMRJD9SbR3SOibFRM2Vb59GevDdNFE1tTzk3II6+0iAX2C:iBOxY8bR3Sbi2559lrGbTzks2C
Score

8^/10

persistence
- Sets file execution options in registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Checks for any installed AV software in registry
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy