be205835208cc31957b8fe226f7bef7a9852d680512bac25538ea15769541f3f | Triage

Submit
Reports

Overview

overview

8

Static

static

be20583520...3f.exe

windows7-x64

8

be20583520...3f.exe

windows10-2004-x64

8

Sharing

General

Target

be205835208cc31957b8fe226f7bef7a9852d680512bac25538ea15769541f3f
Size

102KB
Sample

221201-w6qg2abg8y
MD5

b9c7ff14fb297f70fbda656a683b5dff
SHA1

27704707d62f0a724172af81b62a6f86e100864e
SHA256

be205835208cc31957b8fe226f7bef7a9852d680512bac25538ea15769541f3f
SHA512

33c81959b0c128c6752008dd6dcf4b519bbd5ec2a95ab4dd9c74c563d49019106af23159d9f4779eae58c37fc868419e093fa28d22ec76c774fb9bc555adc4cb
SSDEEP

1536:9y/OQ+2BHdzvGlQ1n2GR7klU9ByNLOP2HmZXwVl0wHCJK9f:9qH+2LDzn2S7kIByNiYmZXwBiu

Score

8^/10

discovery exploit

Static task

static1

Behavioral task

behavioral1

Sample

be205835208cc31957b8fe226f7bef7a9852d680512bac25538ea15769541f3f.exe

Resource

win7-20220812-en

discovery exploit

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

be205835208cc31957b8fe226f7bef7a9852d680512bac25538ea15769541f3f.exe

Resource

win10v2004-20220901-en

discovery exploit

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  be205835208cc31957b8fe226f7bef7a9852d680512bac25538ea15769541f3f
- Size
  
  102KB
- MD5
  
  b9c7ff14fb297f70fbda656a683b5dff
- SHA1
  
  27704707d62f0a724172af81b62a6f86e100864e
- SHA256
  
  be205835208cc31957b8fe226f7bef7a9852d680512bac25538ea15769541f3f
- SHA512
  
  33c81959b0c128c6752008dd6dcf4b519bbd5ec2a95ab4dd9c74c563d49019106af23159d9f4779eae58c37fc868419e093fa28d22ec76c774fb9bc555adc4cb
- SSDEEP
  
  1536:9y/OQ+2BHdzvGlQ1n2GR7klU9ByNLOP2HmZXwVl0wHCJK9f:9qH+2LDzn2S7kIByNiYmZXwBiu
Score

8^/10

discovery exploit
- Possible privilege escalation attempt
  exploit
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Modifies file permissions
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Permissions Modification

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryexploit

behavioral2

discoveryexploit

© 2018-2024

Terms | Privacy