51feb9cb3b67976c30bae2b79d04b2fa16727a2a754bb21d278f3239a595a6df | Triage

Submit
Reports

Overview

overview

8

Static

static

swb4.exe

windows10-2004-x64

8

Sharing

General

Target

swb4.exe
Size

4.3MB
Sample

230112-tvzkfscd7v
MD5

ebb02eee007688350f7a2720575746dc
SHA1

c55d3922e9db9061c680bc6adc5710c2220f6e0d
SHA256

51feb9cb3b67976c30bae2b79d04b2fa16727a2a754bb21d278f3239a595a6df
SHA512

a784cfc5870bbd5eeccd69f30c1732d63a42d04b5cd470d4e23e3ae3d76c0b3b60785d6724c6398b990c0e0322ad1976c72771149da2ddfaa631188bf0578e63
SSDEEP

98304:YOb4eRKZQ7v7JI6RGLnKO2nqRB+qIxTN0Ds/MuQ+SRSjmZX:ZbksTJI6wLZsqRBtsig9JuX

Score

8^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

swb4.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  swb4.exe
- Size
  
  4.3MB
- MD5
  
  ebb02eee007688350f7a2720575746dc
- SHA1
  
  c55d3922e9db9061c680bc6adc5710c2220f6e0d
- SHA256
  
  51feb9cb3b67976c30bae2b79d04b2fa16727a2a754bb21d278f3239a595a6df
- SHA512
  
  a784cfc5870bbd5eeccd69f30c1732d63a42d04b5cd470d4e23e3ae3d76c0b3b60785d6724c6398b990c0e0322ad1976c72771149da2ddfaa631188bf0578e63
- SSDEEP
  
  98304:YOb4eRKZQ7v7JI6RGLnKO2nqRB+qIxTN0Ds/MuQ+SRSjmZX:ZbksTJI6wLZsqRBtsig9JuX
Score

8^/10

discovery
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy