Overview

overview

8

Static

static

91ed2fcdde...5b.exe

windows7-x64

8

91ed2fcdde...5b.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    91ed2fcddefa980ab955f610353e77416bde7278a345b95d3867c5f54781c45b

  • Size

    66KB

  • Sample

    230129-wwac3aaa7s

  • MD5

    da4c7c71c7a68d87f9ced5c6985a230b

  • SHA1

    71f074d13c5f011ec8d414fb8baecdcc5437baf0

  • SHA256

    91ed2fcddefa980ab955f610353e77416bde7278a345b95d3867c5f54781c45b

  • SHA512

    585cea79175c49c26eb4eae430bf560645bc3d3abc5950edda273a8f9e6713153f704f277c1b78619dc0d62d0a63a349dde379755e2d196f3553a78d0b93c8e0

  • SSDEEP

    768:h2afqYPzC0fTrTVgELRL9u6/ejKAW+2dFmOFdId19iB9eP84xdH8Wo5oPA0Q:h2M1e8TVgELRLwa+2dDzInL3XoCPA0Q

Score
8/10
discoveryevasionexploit

Malware Config

Targets

    • Target

      91ed2fcddefa980ab955f610353e77416bde7278a345b95d3867c5f54781c45b

    • Size

      66KB

    • MD5

      da4c7c71c7a68d87f9ced5c6985a230b

    • SHA1

      71f074d13c5f011ec8d414fb8baecdcc5437baf0

    • SHA256

      91ed2fcddefa980ab955f610353e77416bde7278a345b95d3867c5f54781c45b

    • SHA512

      585cea79175c49c26eb4eae430bf560645bc3d3abc5950edda273a8f9e6713153f704f277c1b78619dc0d62d0a63a349dde379755e2d196f3553a78d0b93c8e0

    • SSDEEP

      768:h2afqYPzC0fTrTVgELRL9u6/ejKAW+2dFmOFdId19iB9eP84xdH8Wo5oPA0Q:h2M1e8TVgELRLwa+2dDzInL3XoCPA0Q

    Score
    8/10
    discoveryevasionexploit

    • Disables Task Manager via registry modification

      evasion

    • Possible privilege escalation attempt

      exploit

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Modifies file permissions

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

3
T1082

Peripheral Device Discovery

1
T1120

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks