994d88edaea074a625deb8cbbaa5845ae4b93702cbc22f69f43e41d834cbc8c1 | Triage

Submit
Reports

Overview

overview

Static

static

1

994d88edae...c1.exe

windows7-x64

7

994d88edae...c1.exe

windows10-2004-x64

Sharing

General

Target

994d88edaea074a625deb8cbbaa5845ae4b93702cbc22f69f43e41d834cbc8c1
Size

905KB
Sample

221128-flk4taga87
MD5

566f7fc870e04e44b35021cc0620723d
SHA1

991008e3b08043a1ead6572ed51cf33fc531f1c0
SHA256

994d88edaea074a625deb8cbbaa5845ae4b93702cbc22f69f43e41d834cbc8c1
SHA512

c7c9ec617ed6d30d63216b65db0b22b34b205467b8793579c6c2553ae659443422c9f67da0c3e180247559a199babaa5837fe8eb79dbea0f007fd8c7bb1c2ef2
SSDEEP

24576:IJE8ma/otX4zMP4H/MtScVo+6QlFZCGi/aICs1:Iy8jAt8MP2/MtScW+6MFkGPs1

Score

10^/10

discovery phishing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

994d88edaea074a625deb8cbbaa5845ae4b93702cbc22f69f43e41d834cbc8c1.exe

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

994d88edaea074a625deb8cbbaa5845ae4b93702cbc22f69f43e41d834cbc8c1.exe

Resource

win10v2004-20220812-en

discovery phishing

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  994d88edaea074a625deb8cbbaa5845ae4b93702cbc22f69f43e41d834cbc8c1
- Size
  
  905KB
- MD5
  
  566f7fc870e04e44b35021cc0620723d
- SHA1
  
  991008e3b08043a1ead6572ed51cf33fc531f1c0
- SHA256
  
  994d88edaea074a625deb8cbbaa5845ae4b93702cbc22f69f43e41d834cbc8c1
- SHA512
  
  c7c9ec617ed6d30d63216b65db0b22b34b205467b8793579c6c2553ae659443422c9f67da0c3e180247559a199babaa5837fe8eb79dbea0f007fd8c7bb1c2ef2
- SSDEEP
  
  24576:IJE8ma/otX4zMP4H/MtScVo+6QlFZCGi/aICs1:Iy8jAt8MP2/MtScW+6MFkGPs1
Score

10^/10

discovery phishing
- Detected phishing page
  phishing
- Downloads MZ/PE file
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

discoveryphishing

© 2018-2024

Terms | Privacy