dae06ec2c7cd6868d4369fd86ca2d09ca5d1e161455f7b8ac59fd2537d8caa98 | Triage

Submit
Reports

Overview

overview

Static

static

dae06ec2c7...98.exe

windows7-x64

dae06ec2c7...98.exe

windows10-2004-x64

Sharing

General

Target

dae06ec2c7cd6868d4369fd86ca2d09ca5d1e161455f7b8ac59fd2537d8caa98
Size

151KB
Sample

221124-awjqvafd89
MD5

1ce14b8e33ac73d894733e89f2d1e630
SHA1

ef4b77f0c5d4cd5e4be0df7a7b566cf555715ff3
SHA256

dae06ec2c7cd6868d4369fd86ca2d09ca5d1e161455f7b8ac59fd2537d8caa98
SHA512

4580d7d48867312712ea4aeb00ce521755eb732b6a86ac44c2825df24db11a1f5a3e57a02c0947e5857a3a7629caf073e03c6bbdc7923eda2e192d245516665e
SSDEEP

3072:MbZEhqr8+IQ9r/To2+GmTkUSqlDkYl/dvwN5emUstAxXl:MmqA+I47+GzwBWtAxXl

Score

10^/10

evasion persistence

Static task

static1

Behavioral task

behavioral1

Sample

dae06ec2c7cd6868d4369fd86ca2d09ca5d1e161455f7b8ac59fd2537d8caa98.exe

Resource

win7-20221111-en

evasion persistence

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

dae06ec2c7cd6868d4369fd86ca2d09ca5d1e161455f7b8ac59fd2537d8caa98.exe

Resource

win10v2004-20221111-en

evasion persistence

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  dae06ec2c7cd6868d4369fd86ca2d09ca5d1e161455f7b8ac59fd2537d8caa98
- Size
  
  151KB
- MD5
  
  1ce14b8e33ac73d894733e89f2d1e630
- SHA1
  
  ef4b77f0c5d4cd5e4be0df7a7b566cf555715ff3
- SHA256
  
  dae06ec2c7cd6868d4369fd86ca2d09ca5d1e161455f7b8ac59fd2537d8caa98
- SHA512
  
  4580d7d48867312712ea4aeb00ce521755eb732b6a86ac44c2825df24db11a1f5a3e57a02c0947e5857a3a7629caf073e03c6bbdc7923eda2e192d245516665e
- SSDEEP
  
  3072:MbZEhqr8+IQ9r/To2+GmTkUSqlDkYl/dvwN5emUstAxXl:MmqA+I47+GzwBWtAxXl
Score

10^/10

evasion persistence
- Modifies visibility of file extensions in Explorer
  evasion
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence

© 2018-2025

Terms | Privacy