7805e22cc213d020c66ec59cddce244b8e8bddd4318bec817d283d1ba3f56e21 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

7805e22cc2...21.exe

windows7-x64

8

7805e22cc2...21.exe

windows10-2004-x64

8

Sharing

General

Target

7805e22cc213d020c66ec59cddce244b8e8bddd4318bec817d283d1ba3f56e21
Size

1.5MB
Sample

221126-kfje9ahh3w
MD5

49a90ea6efb87d74bf2f55796700bc9d
SHA1

5c36196689bcb46b4ba271cdcdfadace432f12d8
SHA256

7805e22cc213d020c66ec59cddce244b8e8bddd4318bec817d283d1ba3f56e21
SHA512

f5fa3288ca616dcca99db8ad894265cc78ca8e25b6607c77aebd614c89f92baf7c5e9cdca9eec4ee5d73ffb7182ef3af3b091ca9510479b3bf184dca02ef9cfd
SSDEEP

49152:EhLLblmnB/igTYN3efKMG0rrORTcQdB0p1:EhLL7gTg3exlylip1

Score

8^/10

discovery persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

7805e22cc213d020c66ec59cddce244b8e8bddd4318bec817d283d1ba3f56e21.exe

Resource

win7-20221111-en

discovery persistence

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

7805e22cc213d020c66ec59cddce244b8e8bddd4318bec817d283d1ba3f56e21.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  7805e22cc213d020c66ec59cddce244b8e8bddd4318bec817d283d1ba3f56e21
- Size
  
  1.5MB
- MD5
  
  49a90ea6efb87d74bf2f55796700bc9d
- SHA1
  
  5c36196689bcb46b4ba271cdcdfadace432f12d8
- SHA256
  
  7805e22cc213d020c66ec59cddce244b8e8bddd4318bec817d283d1ba3f56e21
- SHA512
  
  f5fa3288ca616dcca99db8ad894265cc78ca8e25b6607c77aebd614c89f92baf7c5e9cdca9eec4ee5d73ffb7182ef3af3b091ca9510479b3bf184dca02ef9cfd
- SSDEEP
  
  49152:EhLLblmnB/igTYN3efKMG0rrORTcQdB0p1:EhLL7gTg3exlylip1
Score

8^/10

discovery persistence
- Executes dropped EXE
- Registers COM server for autorun
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

© 2018-2024

Terms | Privacy