0d2d0ea58ef992000c3e4dd715d3ae7b80504626d4d9e902861fe58ca097d8d6 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

0d2d0ea58e...d6.exe

windows7-x64

7

0d2d0ea58e...d6.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

0d2d0ea58ef992000c3e4dd715d3ae7b80504626d4d9e902861fe58ca097d8d6
Size

798KB
Sample

230306-rqey5scb71
MD5

93e8d369e3e9fa590ae6cc2569246b73
SHA1

affa8344fe9a47ad5080b85a7f6b5f0959c9374e
SHA256

0d2d0ea58ef992000c3e4dd715d3ae7b80504626d4d9e902861fe58ca097d8d6
SHA512

1ade0efa16ea830eed44938f7fe7975ea082c247ab29f57ebefed6e6c469c05b7cbdf4c1c2c395e6799f39bb705cfc876e28e53de6053c2813d113e5ba2714aa
SSDEEP

12288:rh0TlGfV/fXzcKtqdXe9jzXUmfME/loulG4QBkoPY:rh0TlGfV/bc2qtetbUOMsoulG4QmoPY

Score

8^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

0d2d0ea58ef992000c3e4dd715d3ae7b80504626d4d9e902861fe58ca097d8d6.exe

Resource

win7-20230220-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

0d2d0ea58ef992000c3e4dd715d3ae7b80504626d4d9e902861fe58ca097d8d6.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  0d2d0ea58ef992000c3e4dd715d3ae7b80504626d4d9e902861fe58ca097d8d6
- Size
  
  798KB
- MD5
  
  93e8d369e3e9fa590ae6cc2569246b73
- SHA1
  
  affa8344fe9a47ad5080b85a7f6b5f0959c9374e
- SHA256
  
  0d2d0ea58ef992000c3e4dd715d3ae7b80504626d4d9e902861fe58ca097d8d6
- SHA512
  
  1ade0efa16ea830eed44938f7fe7975ea082c247ab29f57ebefed6e6c469c05b7cbdf4c1c2c395e6799f39bb705cfc876e28e53de6053c2813d113e5ba2714aa
- SSDEEP
  
  12288:rh0TlGfV/fXzcKtqdXe9jzXUmfME/loulG4QBkoPY:rh0TlGfV/bc2qtetbUOMsoulG4QmoPY
Score

8^/10

discovery
- Contacts a large (1867) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Network Service Scanning

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy