bdcedbdf02b51d0b53e116edda0d39155d7c5d4374bfc5a8b9d7bbf1a6664b88 | Triage

Submit
Reports

Overview

overview

Static

static

bdcedbdf02...88.exe

windows7-x64

bdcedbdf02...88.exe

windows10-2004-x64

Sharing

General

Target

bdcedbdf02b51d0b53e116edda0d39155d7c5d4374bfc5a8b9d7bbf1a6664b88
Size

749KB
Sample

221203-yvvzgsfc2y
MD5

829698894b4a13b4a683f97301b0f682
SHA1

353513afd1d98071ebe6090cb4b793e30422a2c3
SHA256

bdcedbdf02b51d0b53e116edda0d39155d7c5d4374bfc5a8b9d7bbf1a6664b88
SHA512

8500418d814d1cc145492c73a82b3a247f83fb6a89a3c6506fe925107795c1060038636e58b55e47f196ae1e07b851e4f99cb5a733bfdbe4d574b31a323aea5b
SSDEEP

12288:g72bntEL772bntELDRFj47+572bntEL772bntELDRFj47+HDn0:g72ze72z2Ky72ze72z2K80

Score

10^/10

evasion persistence

Static task

static1

Behavioral task

behavioral1

Sample

bdcedbdf02b51d0b53e116edda0d39155d7c5d4374bfc5a8b9d7bbf1a6664b88.exe

Resource

win7-20220901-en

evasion persistence

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

bdcedbdf02b51d0b53e116edda0d39155d7c5d4374bfc5a8b9d7bbf1a6664b88.exe

Resource

win10v2004-20220901-en

evasion persistence

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  bdcedbdf02b51d0b53e116edda0d39155d7c5d4374bfc5a8b9d7bbf1a6664b88
- Size
  
  749KB
- MD5
  
  829698894b4a13b4a683f97301b0f682
- SHA1
  
  353513afd1d98071ebe6090cb4b793e30422a2c3
- SHA256
  
  bdcedbdf02b51d0b53e116edda0d39155d7c5d4374bfc5a8b9d7bbf1a6664b88
- SHA512
  
  8500418d814d1cc145492c73a82b3a247f83fb6a89a3c6506fe925107795c1060038636e58b55e47f196ae1e07b851e4f99cb5a733bfdbe4d574b31a323aea5b
- SSDEEP
  
  12288:g72bntEL772bntELDRFj47+572bntEL772bntELDRFj47+HDn0:g72ze72z2Ky72ze72z2K80
Score

10^/10

evasion persistence
- Modifies visibility of file extensions in Explorer
  evasion
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence

© 2018-2025

Terms | Privacy