82d3b3fc7e680c3fd90fce8ed8c112c79234434ab25f21cdec4b5aa797c7576b | Triage

Submit
Reports

Overview

overview

Static

static

82d3b3fc7e...6b.exe

windows7-x64

82d3b3fc7e...6b.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

82d3b3fc7e680c3fd90fce8ed8c112c79234434ab25f21cdec4b5aa797c7576b
Size

432KB
Sample

221201-hwh4bahg7y
MD5

3c60a6ea610482a9612aea96e6517c95
SHA1

7963db5687f8a51671e5a3f092f873897f90d6de
SHA256

82d3b3fc7e680c3fd90fce8ed8c112c79234434ab25f21cdec4b5aa797c7576b
SHA512

d48d2a0ae196eeaad2f14c629497c4751d54b8158dc5a03fa54bc2a930c8f810639df1e1b6a42e5353a571c0a643314dd3b817277ec2e5d65858123dfa620047
SSDEEP

12288:KtlYXUZbHwqM0N9JNY4DuPwnUmct4DuPrCw:KzYXUZb/M0N9JN1DnW6Dup

Score

10^/10

evasion

Static task

static1

Behavioral task

behavioral1

Sample

82d3b3fc7e680c3fd90fce8ed8c112c79234434ab25f21cdec4b5aa797c7576b.exe

Resource

win7-20220812-en

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

82d3b3fc7e680c3fd90fce8ed8c112c79234434ab25f21cdec4b5aa797c7576b.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  82d3b3fc7e680c3fd90fce8ed8c112c79234434ab25f21cdec4b5aa797c7576b
- Size
  
  432KB
- MD5
  
  3c60a6ea610482a9612aea96e6517c95
- SHA1
  
  7963db5687f8a51671e5a3f092f873897f90d6de
- SHA256
  
  82d3b3fc7e680c3fd90fce8ed8c112c79234434ab25f21cdec4b5aa797c7576b
- SHA512
  
  d48d2a0ae196eeaad2f14c629497c4751d54b8158dc5a03fa54bc2a930c8f810639df1e1b6a42e5353a571c0a643314dd3b817277ec2e5d65858123dfa620047
- SSDEEP
  
  12288:KtlYXUZbHwqM0N9JNY4DuPwnUmct4DuPrCw:KzYXUZb/M0N9JN1DnW6Dup
Score

10^/10

evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Blocks application from running via registry modification
  Adds application to list of disallowed applications.
  evasion
- Disables RegEdit via registry modification
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy