c37e69ab7e6bbf12ffda266080c90e42e99459e81225000b8b093a96f98a86d0 | Triage

Submit
Reports

Overview

overview

8

Static

static

c37e69ab7e...d0.exe

windows7-x64

8

c37e69ab7e...d0.exe

windows10-2004-x64

8

Sharing

General

Target

c37e69ab7e6bbf12ffda266080c90e42e99459e81225000b8b093a96f98a86d0
Size

622KB
Sample

221123-xj8wjaac2s
MD5

4541567d2434b2ae79d96ecfde2a7f10
SHA1

572a66d134fa40e4faad26f1fb5740b953758fdd
SHA256

c37e69ab7e6bbf12ffda266080c90e42e99459e81225000b8b093a96f98a86d0
SHA512

49fb5c7df2b862a4cb6b8376020d09e9f34a31b43c46309850b99f55496b50129a0506a703805c62dfcc31f38f9351627da6b39ebe3a91279f026fc1545b2eb2
SSDEEP

12288:E5NeIXRYHWGxG9tUp36sbMjZhc7besfAjmJhyt7BZ:E5AgRcpQ/UlbMjZKKsfcmvcD

Score

8^/10

discovery evasion trojan

Static task

static1

Behavioral task

behavioral1

Sample

c37e69ab7e6bbf12ffda266080c90e42e99459e81225000b8b093a96f98a86d0.exe

Resource

win7-20220812-en

discovery evasion trojan

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

c37e69ab7e6bbf12ffda266080c90e42e99459e81225000b8b093a96f98a86d0.exe

Resource

win10v2004-20221111-en

discovery evasion trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  c37e69ab7e6bbf12ffda266080c90e42e99459e81225000b8b093a96f98a86d0
- Size
  
  622KB
- MD5
  
  4541567d2434b2ae79d96ecfde2a7f10
- SHA1
  
  572a66d134fa40e4faad26f1fb5740b953758fdd
- SHA256
  
  c37e69ab7e6bbf12ffda266080c90e42e99459e81225000b8b093a96f98a86d0
- SHA512
  
  49fb5c7df2b862a4cb6b8376020d09e9f34a31b43c46309850b99f55496b50129a0506a703805c62dfcc31f38f9351627da6b39ebe3a91279f026fc1545b2eb2
- SSDEEP
  
  12288:E5NeIXRYHWGxG9tUp36sbMjZhc7besfAjmJhyt7BZ:E5AgRcpQ/UlbMjZKKsfcmvcD
Score

8^/10

discovery evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan

© 2018-2024

Terms | Privacy