04b6c9cdb32d4eb3a97b9fbcf8d31cd6c96c701dc987bd4af70ff7f408a1d591 | Triage

Submit
Reports

Overview

overview

8

Static

static

brambora.exe

windows7-x64

8

brambora.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

brambora.exe
Size

2.5MB
Sample

221226-xe81qsgf5v
MD5

4c228320a55925b54cb95a819e616617
SHA1

789cfe26cde0f3fba7393e13a60a0c2ac2892daa
SHA256

04b6c9cdb32d4eb3a97b9fbcf8d31cd6c96c701dc987bd4af70ff7f408a1d591
SHA512

21131eada4166f2c1a15cd527d124101232d80dac3f838f510b70b9bd22446b4781b8e83dd6163bbc53acb916f6d40f710752b34c827aa50769e52dc49fa9583
SSDEEP

24576:57xYpbZTDbuOnyainCmKjj5e4jSJZ6yY+Ec0xMkl81sU3AoJpoEUOgYMe:57UbZTDbu7ainCmlJo+poEUOgYMe

Score

8^/10

evasion persistence

Static task

static1

Behavioral task

behavioral1

Sample

brambora.exe

Resource

win7-20221111-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

brambora.exe

Resource

win10v2004-20220812-en

evasion persistence

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  brambora.exe
- Size
  
  2.5MB
- MD5
  
  4c228320a55925b54cb95a819e616617
- SHA1
  
  789cfe26cde0f3fba7393e13a60a0c2ac2892daa
- SHA256
  
  04b6c9cdb32d4eb3a97b9fbcf8d31cd6c96c701dc987bd4af70ff7f408a1d591
- SHA512
  
  21131eada4166f2c1a15cd527d124101232d80dac3f838f510b70b9bd22446b4781b8e83dd6163bbc53acb916f6d40f710752b34c827aa50769e52dc49fa9583
- SSDEEP
  
  24576:57xYpbZTDbuOnyainCmKjj5e4jSJZ6yY+Ec0xMkl81sU3AoJpoEUOgYMe:57UbZTDbu7ainCmlJo+poEUOgYMe
Score

8^/10

evasion persistence
- Executes dropped EXE
- Looks for VMWare Tools registry key
  evasion
- Registers COM server for autorun
  persistence
- Sets file execution options in registry
  persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence

© 2018-2025

Terms | Privacy