c5c249e6654e69397786271dfda6b770bbd444a82e1de83fbf11bc1c418eeb12 | Triage

Submit
Reports

Overview

overview

Static

static

Setup.exe

windows7-x64

Setup.exe

windows10-2004-x64

8

Sharing

General

Target

Setup.exe
Size

90.9MB
Sample

230102-hl3d7sdf35
MD5

9c7401301be2071690afd1d56ba21b11
SHA1

5c2911deea7a166fd0d5f7e264f5ea51f8e25a66
SHA256

c5c249e6654e69397786271dfda6b770bbd444a82e1de83fbf11bc1c418eeb12
SHA512

a47f233f0412def9d0beb73b5f6f95708482c20b7c8b6e8f1c8d36183a292bb4c297ef7f2d6befd69ac18e5144819ca01681bdef3546980877c5b92fa862dee6
SSDEEP

1572864:iF9CQ4CEmFZJG8bgXfG4NdxJNtpLzwHvMtxb5h+i6mgVCRG:iTDd7GVfT5JN3LSUtxdp6mu

Score

10^/10

discovery evasion persistence

Static task

static1

Behavioral task

behavioral1

Sample

Setup.exe

Resource

win7-20221111-en

discovery evasion persistence

windows7-x64

22 signatures

150 seconds

Behavioral task

behavioral2

Sample

Setup.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  Setup.exe
- Size
  
  90.9MB
- MD5
  
  9c7401301be2071690afd1d56ba21b11
- SHA1
  
  5c2911deea7a166fd0d5f7e264f5ea51f8e25a66
- SHA256
  
  c5c249e6654e69397786271dfda6b770bbd444a82e1de83fbf11bc1c418eeb12
- SHA512
  
  a47f233f0412def9d0beb73b5f6f95708482c20b7c8b6e8f1c8d36183a292bb4c297ef7f2d6befd69ac18e5144819ca01681bdef3546980877c5b92fa862dee6
- SSDEEP
  
  1572864:iF9CQ4CEmFZJG8bgXfG4NdxJNtpLzwHvMtxb5h+i6mgVCRG:iTDd7GVfT5JN3LSUtxdp6mu
Score

10^/10

discovery evasion persistence
- Modifies firewall policy service
  evasion
- Blocklisted process makes network request
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Registers COM server for autorun
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

© 2018-2025

Terms | Privacy