733c71bab6a2fc290b5a380182f79d0163419fad4fbeb1a5de44daf3e3aa45f9 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

733c71bab6...f9.exe

windows7-x64

8

733c71bab6...f9.exe

windows10-2004-x64

8

Sharing

General

Target

733c71bab6a2fc290b5a380182f79d0163419fad4fbeb1a5de44daf3e3aa45f9
Size

1.5MB
Sample

221124-gfns7afe4w
MD5

ba1cdcbc4e19e97719acc9c459678e23
SHA1

12866d2b407873b918899cd0d145ad25a0bb3fe6
SHA256

733c71bab6a2fc290b5a380182f79d0163419fad4fbeb1a5de44daf3e3aa45f9
SHA512

fbab611e0a4bdbfe5777a8a75cf6ccab6405b4e7ad9d8224bb4cdcb12ea3173cf77465456fc7987156fee8b33286d4978f096ce95c786f3fdaf7e6869eb51a1c
SSDEEP

49152:IM4eRvjqnB/igTYN3efKMG0rrORTcQdB0pP:oeZdgTg3exlylipP

Score

8^/10

discovery evasion persistence trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

733c71bab6a2fc290b5a380182f79d0163419fad4fbeb1a5de44daf3e3aa45f9.exe

Resource

win7-20220812-en

discovery evasion persistence trojan

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

733c71bab6a2fc290b5a380182f79d0163419fad4fbeb1a5de44daf3e3aa45f9.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  733c71bab6a2fc290b5a380182f79d0163419fad4fbeb1a5de44daf3e3aa45f9
- Size
  
  1.5MB
- MD5
  
  ba1cdcbc4e19e97719acc9c459678e23
- SHA1
  
  12866d2b407873b918899cd0d145ad25a0bb3fe6
- SHA256
  
  733c71bab6a2fc290b5a380182f79d0163419fad4fbeb1a5de44daf3e3aa45f9
- SHA512
  
  fbab611e0a4bdbfe5777a8a75cf6ccab6405b4e7ad9d8224bb4cdcb12ea3173cf77465456fc7987156fee8b33286d4978f096ce95c786f3fdaf7e6869eb51a1c
- SSDEEP
  
  49152:IM4eRvjqnB/igTYN3efKMG0rrORTcQdB0pP:oeZdgTg3exlylipP
Score

8^/10

discovery evasion persistence trojan
- Executes dropped EXE
- Registers COM server for autorun
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

© 2018-2024

Terms | Privacy