ec98cce2c5bb8918f63643b4f8b657de83b32f62255ee768811b29b770c67caf | Triage

Submit
Reports

Overview

overview

8

Static

static

ec98cce2c5...af.exe

windows7-x64

8

ec98cce2c5...af.exe

windows10-2004-x64

8

Sharing

General

Target

ec98cce2c5bb8918f63643b4f8b657de83b32f62255ee768811b29b770c67caf
Size

68KB
Sample

221204-rx15yscc21
MD5

87e74fe498a18d8e5f8ef9822bb1c266
SHA1

c0ea2dc6d595712c5e55cc90f6fe47802120fe9d
SHA256

ec98cce2c5bb8918f63643b4f8b657de83b32f62255ee768811b29b770c67caf
SHA512

cf0657a175a38f4c295e3c2d68c7db59bc0895848e492f5b834ec36d925b70a111276d05887f40c4f39d9d93e484262f3d421466df5e0996ee91e5d11817d1c2
SSDEEP

1536:ocRIxxDweFdl6ENqBHNLKc2WOFRhVl+0HCn5E:xRy1wejhIBHNGYOFRhdiC

Score

8^/10

discovery exploit

Static task

static1

Behavioral task

behavioral1

Sample

ec98cce2c5bb8918f63643b4f8b657de83b32f62255ee768811b29b770c67caf.exe

Resource

win7-20220901-en

discovery exploit

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

ec98cce2c5bb8918f63643b4f8b657de83b32f62255ee768811b29b770c67caf.exe

Resource

win10v2004-20220901-en

discovery exploit

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  ec98cce2c5bb8918f63643b4f8b657de83b32f62255ee768811b29b770c67caf
- Size
  
  68KB
- MD5
  
  87e74fe498a18d8e5f8ef9822bb1c266
- SHA1
  
  c0ea2dc6d595712c5e55cc90f6fe47802120fe9d
- SHA256
  
  ec98cce2c5bb8918f63643b4f8b657de83b32f62255ee768811b29b770c67caf
- SHA512
  
  cf0657a175a38f4c295e3c2d68c7db59bc0895848e492f5b834ec36d925b70a111276d05887f40c4f39d9d93e484262f3d421466df5e0996ee91e5d11817d1c2
- SSDEEP
  
  1536:ocRIxxDweFdl6ENqBHNLKc2WOFRhVl+0HCn5E:xRy1wejhIBHNGYOFRhdiC
Score

8^/10

discovery exploit
- Possible privilege escalation attempt
  exploit
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Modifies file permissions
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Permissions Modification

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryexploit

behavioral2

discoveryexploit

© 2018-2024

Terms | Privacy