d6b15325a9c8212256c1bfe2d08be61ac05be2b39a00acf4e6d41fcc61609eb0 | Triage

Submit
Reports

Overview

overview

8

Static

static

d6b15325a9...b0.exe

windows7-x64

8

d6b15325a9...b0.exe

windows10-2004-x64

8

Sharing

General

Target

d6b15325a9c8212256c1bfe2d08be61ac05be2b39a00acf4e6d41fcc61609eb0
Size

364KB
Sample

221126-2lzg4aea9x
MD5

717456f53a12add2755742c7ad756ea5
SHA1

a68cab3b6aa3f00d44a8cbbc32aeaec7c88080f6
SHA256

d6b15325a9c8212256c1bfe2d08be61ac05be2b39a00acf4e6d41fcc61609eb0
SHA512

ac6272dbe1f831e0266397b0e77a577e1a427b019884401a092d1e28aad3eb92259eea74ca56253a142d88f822d2fc1e83cc7b4815ce864d3dfae771623573a9
SSDEEP

6144:vDMHW+RHqLcDmuHMWQl0DbLstSumaFwRnjxyB8tM:vDMHWcocD/shlftSzRnjxPi

Score

8^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

d6b15325a9c8212256c1bfe2d08be61ac05be2b39a00acf4e6d41fcc61609eb0.exe

Resource

win7-20221111-en

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

d6b15325a9c8212256c1bfe2d08be61ac05be2b39a00acf4e6d41fcc61609eb0.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  d6b15325a9c8212256c1bfe2d08be61ac05be2b39a00acf4e6d41fcc61609eb0
- Size
  
  364KB
- MD5
  
  717456f53a12add2755742c7ad756ea5
- SHA1
  
  a68cab3b6aa3f00d44a8cbbc32aeaec7c88080f6
- SHA256
  
  d6b15325a9c8212256c1bfe2d08be61ac05be2b39a00acf4e6d41fcc61609eb0
- SHA512
  
  ac6272dbe1f831e0266397b0e77a577e1a427b019884401a092d1e28aad3eb92259eea74ca56253a142d88f822d2fc1e83cc7b4815ce864d3dfae771623573a9
- SSDEEP
  
  6144:vDMHW+RHqLcDmuHMWQl0DbLstSumaFwRnjxyB8tM:vDMHWcocD/shlftSzRnjxPi
Score

8^/10

persistence
- Sets file execution options in registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Checks for any installed AV software in registry
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Security Software Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy