88209f3ed22f70e975e73f7772346ee3253c813b55d81804328497c88f91c042 | Triage

Submit
Reports

Overview

overview

8

Static

static

88209f3ed2...42.exe

windows7-x64

8

88209f3ed2...42.exe

windows10-2004-x64

8

Sharing

General

Target

88209f3ed22f70e975e73f7772346ee3253c813b55d81804328497c88f91c042
Size

924KB
Sample

221206-vm8c3afh37
MD5

77a1d669471d6d5a470229bb81c109fe
SHA1

7f0b8a08a9e3a209ae81079da40af0362a0af1a1
SHA256

88209f3ed22f70e975e73f7772346ee3253c813b55d81804328497c88f91c042
SHA512

c4dff7ae9b65a57e66b9d8085a8d6a2b441ec1549df154c9b114a8cbe4c172bf574b4655f959fda9ef30a3bf17ab3b11b1e90dffb67c76dd921451402d56e2ad
SSDEEP

24576:rCUdH6v+k1rdFev2EswT+j7EUl72yDGn:uwH5k15FDjRj9PG

Score

8^/10

discovery persistence

Static task

static1

Behavioral task

behavioral1

Sample

88209f3ed22f70e975e73f7772346ee3253c813b55d81804328497c88f91c042.exe

Resource

win7-20220901-en

discovery persistence

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

88209f3ed22f70e975e73f7772346ee3253c813b55d81804328497c88f91c042.exe

Resource

win10v2004-20220812-en

discovery persistence

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  88209f3ed22f70e975e73f7772346ee3253c813b55d81804328497c88f91c042
- Size
  
  924KB
- MD5
  
  77a1d669471d6d5a470229bb81c109fe
- SHA1
  
  7f0b8a08a9e3a209ae81079da40af0362a0af1a1
- SHA256
  
  88209f3ed22f70e975e73f7772346ee3253c813b55d81804328497c88f91c042
- SHA512
  
  c4dff7ae9b65a57e66b9d8085a8d6a2b441ec1549df154c9b114a8cbe4c172bf574b4655f959fda9ef30a3bf17ab3b11b1e90dffb67c76dd921451402d56e2ad
- SSDEEP
  
  24576:rCUdH6v+k1rdFev2EswT+j7EUl72yDGn:uwH5k15FDjRj9PG
Score

8^/10

discovery persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence

© 2018-2024

Terms | Privacy