fa7b30b6d1c5e169c3b824faf87ee7c7af4031a1aaade80be04c561c9bcbfe8d | Triage

Submit
Reports

Overview

overview

8

Static

static

fa7b30b6d1...8d.exe

windows7-x64

8

fa7b30b6d1...8d.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

fa7b30b6d1c5e169c3b824faf87ee7c7af4031a1aaade80be04c561c9bcbfe8d
Size

2.3MB
Sample

221129-dvwwkaec3v
MD5

a5699668b8fc8054d2bc609754da67ed
SHA1

b13b14e15815113eeecf6cc3bd075f8cc0e1c430
SHA256

fa7b30b6d1c5e169c3b824faf87ee7c7af4031a1aaade80be04c561c9bcbfe8d
SHA512

f07444e84375a2fe2624f377f6e06ec3afd2d22bddb0e228b399a990ce6a045cec802ca0c93abab57fdc66605df6000a8a2272321f99d1cdf514e30e91041066
SSDEEP

49152:lwFIMVJuI8uDmJQGgXCY7RJEm7oCUz70zQjok/AS5ASW:lMVUruDmJQGgyYlJOCUYMok/AS5ASW

Score

8^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

fa7b30b6d1c5e169c3b824faf87ee7c7af4031a1aaade80be04c561c9bcbfe8d.exe

Resource

win7-20220812-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

fa7b30b6d1c5e169c3b824faf87ee7c7af4031a1aaade80be04c561c9bcbfe8d.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  fa7b30b6d1c5e169c3b824faf87ee7c7af4031a1aaade80be04c561c9bcbfe8d
- Size
  
  2.3MB
- MD5
  
  a5699668b8fc8054d2bc609754da67ed
- SHA1
  
  b13b14e15815113eeecf6cc3bd075f8cc0e1c430
- SHA256
  
  fa7b30b6d1c5e169c3b824faf87ee7c7af4031a1aaade80be04c561c9bcbfe8d
- SHA512
  
  f07444e84375a2fe2624f377f6e06ec3afd2d22bddb0e228b399a990ce6a045cec802ca0c93abab57fdc66605df6000a8a2272321f99d1cdf514e30e91041066
- SSDEEP
  
  49152:lwFIMVJuI8uDmJQGgXCY7RJEm7oCUz70zQjok/AS5ASW:lMVUruDmJQGgyYlJOCUYMok/AS5ASW
Score

8^/10

discovery
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy