937b871751c9959cf7b73aa3a6072968df4ea55bc8ee96128584cdacf80cf7f7 | Triage

Submit
Reports

Overview

overview

8

Static

static

937b871751...f7.exe

windows7-x64

8

937b871751...f7.exe

windows10-2004-x64

8

Sharing

General

Target

937b871751c9959cf7b73aa3a6072968df4ea55bc8ee96128584cdacf80cf7f7
Size

110KB
Sample

230129-2hw8kaha4z
MD5

8056504f65bb9ee9da7c3a7ef226bd41
SHA1

f4463c134204076fa044df2972499f5792dfbba4
SHA256

937b871751c9959cf7b73aa3a6072968df4ea55bc8ee96128584cdacf80cf7f7
SHA512

777b8ba0fb7664dbe3530f917703cf819a2c1da082ed9c159752a3810212a939fbbb77a2e866b1723568d1b9eb4cbcf0568af01eeed19a45e5e69b4af9f25eb4
SSDEEP

1536:H1r3q9vCGnAN4EmjQ8ayHACirV1PBSNLSl2xisFtVlcnLSHC4VmxfJ:oKGAcjQ8aEXiBRBSNmsisFteSi0k

Score

8^/10

discovery exploit

Static task

static1

Behavioral task

behavioral1

Sample

937b871751c9959cf7b73aa3a6072968df4ea55bc8ee96128584cdacf80cf7f7.exe

Resource

win7-20221111-en

discovery exploit

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

937b871751c9959cf7b73aa3a6072968df4ea55bc8ee96128584cdacf80cf7f7.exe

Resource

win10v2004-20220812-en

discovery exploit

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  937b871751c9959cf7b73aa3a6072968df4ea55bc8ee96128584cdacf80cf7f7
- Size
  
  110KB
- MD5
  
  8056504f65bb9ee9da7c3a7ef226bd41
- SHA1
  
  f4463c134204076fa044df2972499f5792dfbba4
- SHA256
  
  937b871751c9959cf7b73aa3a6072968df4ea55bc8ee96128584cdacf80cf7f7
- SHA512
  
  777b8ba0fb7664dbe3530f917703cf819a2c1da082ed9c159752a3810212a939fbbb77a2e866b1723568d1b9eb4cbcf0568af01eeed19a45e5e69b4af9f25eb4
- SSDEEP
  
  1536:H1r3q9vCGnAN4EmjQ8ayHACirV1PBSNLSl2xisFtVlcnLSHC4VmxfJ:oKGAcjQ8aEXiBRBSNmsisFteSi0k
Score

8^/10

discovery exploit
- Possible privilege escalation attempt
  exploit
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Modifies file permissions
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Permissions Modification

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryexploit

behavioral2

discoveryexploit

© 2018-2024

Terms | Privacy