ced9be4b013de155b7b413926254b898dc3364e71d339893d3014c065dbf41b2 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

KryxiviaInstaller.exe

windows10-1703-x64

8

Resubmissions

20-03-2023 04:10

230320-erwl3abg47 8

20-03-2023 04:09

230320-eqz8vsdg9z 7

Sharing

General

Target

KryxiviaInstaller.exe
Size

5.2MB
Sample

230320-erwl3abg47
MD5

359e6b859b5c3d0714015952eef68f7d
SHA1

2c82924ccce46d992588ea88bea2ba7d48a1e4d5
SHA256

ced9be4b013de155b7b413926254b898dc3364e71d339893d3014c065dbf41b2
SHA512

0347a6ae8b1e72bf3f86e65d7b70ed6d94e794292040a79921b48142ae2e1309337aef04cb4f6251f93e88aaf9884a4ddaa58b725e6a85f05321acb078cd50fc
SSDEEP

98304:ST/yH02PyfKIRetXCnZsrr+Qeack4iHKpgJKHA3x1j5mLBrG5dkjC6:2yHpPX3eqGpa3KpgJKHevj5mLByzkW6

Score

8^/10

microsoft discovery phishing

Static task

static1

Behavioral task

behavioral1

Sample

KryxiviaInstaller.exe

Resource

win10-20230220-en

microsoft discovery phishing

windows10-1703-x64

22 signatures

300 seconds

Malware Config

Targets

- Target
  
  KryxiviaInstaller.exe
- Size
  
  5.2MB
- MD5
  
  359e6b859b5c3d0714015952eef68f7d
- SHA1
  
  2c82924ccce46d992588ea88bea2ba7d48a1e4d5
- SHA256
  
  ced9be4b013de155b7b413926254b898dc3364e71d339893d3014c065dbf41b2
- SHA512
  
  0347a6ae8b1e72bf3f86e65d7b70ed6d94e794292040a79921b48142ae2e1309337aef04cb4f6251f93e88aaf9884a4ddaa58b725e6a85f05321acb078cd50fc
- SSDEEP
  
  98304:ST/yH02PyfKIRetXCnZsrr+Qeack4iHKpgJKHA3x1j5mLBrG5dkjC6:2yHpPX3eqGpa3KpgJKHevj5mLByzkW6
Score

8^/10

microsoft discovery phishing
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

microsoftdiscoveryphishing

© 2018-2024

Terms | Privacy