1dbde3816572524a93e643b68d6b6e7333575b5a8776454d1ce6814a6e6134eb | Triage

Submit
Reports

Overview

overview

8

Static

static

1

sample.html

windows7-x64

8

Sharing

General

Target

sample
Size

761KB
Sample

230207-sqh68scc99
MD5

7da5ac88438188a94a69e5ca75c03bb6
SHA1

b3a04aa60d9223d629128f0370cffb75f3268186
SHA256

1dbde3816572524a93e643b68d6b6e7333575b5a8776454d1ce6814a6e6134eb
SHA512

e60d0d209d890e9fe2287704068f10c7858a0cc3e7e49cbb053e26c71ea8f32add471d16faac094ff11f85c6d5398cb94df8bf9694a87a0c4d4ca8f4b89244c7
SSDEEP

6144:X1brxPrxbrxGrxHrxbrxQrxNrxx2+qNjF74VCjOET7rzN/uYPaLdYuXNzlPW9v+7:XprlrNrErFr5rSrnr//UI

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

sample.html

Resource

win7-20220812-en

windows7-x64

16 signatures

1800 seconds

Malware Config

Targets

- Target
  
  sample
- Size
  
  761KB
- MD5
  
  7da5ac88438188a94a69e5ca75c03bb6
- SHA1
  
  b3a04aa60d9223d629128f0370cffb75f3268186
- SHA256
  
  1dbde3816572524a93e643b68d6b6e7333575b5a8776454d1ce6814a6e6134eb
- SHA512
  
  e60d0d209d890e9fe2287704068f10c7858a0cc3e7e49cbb053e26c71ea8f32add471d16faac094ff11f85c6d5398cb94df8bf9694a87a0c4d4ca8f4b89244c7
- SSDEEP
  
  6144:X1brxPrxbrxGrxHrxbrxQrxNrxx2+qNjF74VCjOET7rzN/uYPaLdYuXNzlPW9v+7:XprlrNrErFr5rSrnr//UI
Score

8^/10
- Drops file in Drivers directory
- Executes dropped EXE
- Drops desktop.ini file(s)
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
- Modifies termsrv.dll
  Commonly used to allow simultaneous RDP sessions.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Remote Desktop Protocol

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy