6549623441d94b95d42b8b26bf98236c0d058c1a3e8cd88fc22817713345218b | Triage

Submit
Reports

Overview

overview

7

Static

static

6549623441...8b.exe

windows7-x64

7

6549623441...8b.exe

windows10-2004-x64

7

Sharing

General

Target

6549623441d94b95d42b8b26bf98236c0d058c1a3e8cd88fc22817713345218b
Size

828KB
Sample

221126-esn9dabb87
MD5

9f91114471d0a783047e3259c907fa35
SHA1

7baf47d1d2d0042551cef3b7e66659b4e2066c38
SHA256

6549623441d94b95d42b8b26bf98236c0d058c1a3e8cd88fc22817713345218b
SHA512

0948262cdddacfdf07d3917010bee424f4b980876b380aac9658136dc4fc121cb9ad85c276b2a5142c68b72eaf3ee553f85d3d5439c1c30401e4cc21be4e29c9
SSDEEP

24576:PDFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwPI:LFhwFzPBYb02y4SA5MZ

Score

7^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

6549623441d94b95d42b8b26bf98236c0d058c1a3e8cd88fc22817713345218b.exe

Resource

win7-20220812-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

6549623441d94b95d42b8b26bf98236c0d058c1a3e8cd88fc22817713345218b.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  6549623441d94b95d42b8b26bf98236c0d058c1a3e8cd88fc22817713345218b
- Size
  
  828KB
- MD5
  
  9f91114471d0a783047e3259c907fa35
- SHA1
  
  7baf47d1d2d0042551cef3b7e66659b4e2066c38
- SHA256
  
  6549623441d94b95d42b8b26bf98236c0d058c1a3e8cd88fc22817713345218b
- SHA512
  
  0948262cdddacfdf07d3917010bee424f4b980876b380aac9658136dc4fc121cb9ad85c276b2a5142c68b72eaf3ee553f85d3d5439c1c30401e4cc21be4e29c9
- SSDEEP
  
  24576:PDFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwPI:LFhwFzPBYb02y4SA5MZ
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy