1d7b34e451017cab9eb200dbbd19150b13dd015193deb691027acad5ae2c3d1a | Triage

Submit
Reports

Overview

overview

Static

static

1

1d7b34e451...1a.exe

windows7-x64

1d7b34e451...1a.exe

windows10-2004-x64

Sharing

General

Target

1d7b34e451017cab9eb200dbbd19150b13dd015193deb691027acad5ae2c3d1a
Size

98KB
Sample

221124-q9csfscc8w
MD5

00748908d76108512f23f75a06121abe
SHA1

f9337ed78937699f66ad3216765c20b270b61fbd
SHA256

1d7b34e451017cab9eb200dbbd19150b13dd015193deb691027acad5ae2c3d1a
SHA512

93b6a33b3fd3d9b1e741ef87b0616c311235f445a1a4eae45159e7fa389538a6879b0d9d116482281d063550bbdd388b9ecba4c78446e7f645a4d4caf1850ff8
SSDEEP

3072:8Lk395hYXJxIL9ZslcFt0dAXNCJuhOP7BTmTQh5:8QqbILMlcFt0WCIIEQz

Score

10^/10

persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1d7b34e451017cab9eb200dbbd19150b13dd015193deb691027acad5ae2c3d1a.exe

Resource

win7-20221111-en

persistence upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

1d7b34e451017cab9eb200dbbd19150b13dd015193deb691027acad5ae2c3d1a.exe

Resource

win10v2004-20220812-en

persistence upx

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  1d7b34e451017cab9eb200dbbd19150b13dd015193deb691027acad5ae2c3d1a
- Size
  
  98KB
- MD5
  
  00748908d76108512f23f75a06121abe
- SHA1
  
  f9337ed78937699f66ad3216765c20b270b61fbd
- SHA256
  
  1d7b34e451017cab9eb200dbbd19150b13dd015193deb691027acad5ae2c3d1a
- SHA512
  
  93b6a33b3fd3d9b1e741ef87b0616c311235f445a1a4eae45159e7fa389538a6879b0d9d116482281d063550bbdd388b9ecba4c78446e7f645a4d4caf1850ff8
- SSDEEP
  
  3072:8Lk395hYXJxIL9ZslcFt0dAXNCJuhOP7BTmTQh5:8QqbILMlcFt0WCIIEQz
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy