f2e6f93df8f41a5f4346d1257488691887998721501322b02604948399d36f19 | Triage

Submit
Reports

Overview

overview

8

Static

static

f2e6f93df8...19.exe

windows7-x64

8

f2e6f93df8...19.exe

windows10-2004-x64

8

Sharing

General

Target

f2e6f93df8f41a5f4346d1257488691887998721501322b02604948399d36f19
Size

3.4MB
Sample

221125-2kscdsca89
MD5

6e96ae1db674fb5d329167f0b0e6a4a4
SHA1

8b9b9ffc9bce70135eabb69063b1f4f44945a373
SHA256

f2e6f93df8f41a5f4346d1257488691887998721501322b02604948399d36f19
SHA512

a526be2719cbc867aff917392828072fe99e3d27d9500b912929d1e10a90be28b9f4fddf8b586a3e7bb4130c0a95537018a357fe39e4296c4ec4fbf06d8ed6ef
SSDEEP

98304:/3yobVyq03fv0oKATM6A/7zf8iEFb1OL6PVgNZz+:/yey13EoXM68vHO5fPeNZa

Score

8^/10

discovery persistence

Static task

static1

Behavioral task

behavioral1

Sample

f2e6f93df8f41a5f4346d1257488691887998721501322b02604948399d36f19.exe

Resource

win7-20221111-en

discovery persistence

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

f2e6f93df8f41a5f4346d1257488691887998721501322b02604948399d36f19.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  f2e6f93df8f41a5f4346d1257488691887998721501322b02604948399d36f19
- Size
  
  3.4MB
- MD5
  
  6e96ae1db674fb5d329167f0b0e6a4a4
- SHA1
  
  8b9b9ffc9bce70135eabb69063b1f4f44945a373
- SHA256
  
  f2e6f93df8f41a5f4346d1257488691887998721501322b02604948399d36f19
- SHA512
  
  a526be2719cbc867aff917392828072fe99e3d27d9500b912929d1e10a90be28b9f4fddf8b586a3e7bb4130c0a95537018a357fe39e4296c4ec4fbf06d8ed6ef
- SSDEEP
  
  98304:/3yobVyq03fv0oKATM6A/7zf8iEFb1OL6PVgNZz+:/yey13EoXM68vHO5fPeNZa
Score

8^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

© 2018-2024

Terms | Privacy