Overview

overview

8

Static

static

1

KryxiviaInstaller.exe

windows10-1703-x64

8

Resubmissions

20-03-2023 04:10

230320-erwl3abg47 8

20-03-2023 04:09

230320-eqz8vsdg9z 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    KryxiviaInstaller.exe

  • Size

    5.2MB

  • Sample

    230320-erwl3abg47

  • MD5

    359e6b859b5c3d0714015952eef68f7d

  • SHA1

    2c82924ccce46d992588ea88bea2ba7d48a1e4d5

  • SHA256

    ced9be4b013de155b7b413926254b898dc3364e71d339893d3014c065dbf41b2

  • SHA512

    0347a6ae8b1e72bf3f86e65d7b70ed6d94e794292040a79921b48142ae2e1309337aef04cb4f6251f93e88aaf9884a4ddaa58b725e6a85f05321acb078cd50fc

  • SSDEEP

    98304:ST/yH02PyfKIRetXCnZsrr+Qeack4iHKpgJKHA3x1j5mLBrG5dkjC6:2yHpPX3eqGpa3KpgJKHevj5mLByzkW6

Score
8/10
microsoftdiscoveryphishing

Malware Config

Targets

    • Target

      KryxiviaInstaller.exe

    • Size

      5.2MB

    • MD5

      359e6b859b5c3d0714015952eef68f7d

    • SHA1

      2c82924ccce46d992588ea88bea2ba7d48a1e4d5

    • SHA256

      ced9be4b013de155b7b413926254b898dc3364e71d339893d3014c065dbf41b2

    • SHA512

      0347a6ae8b1e72bf3f86e65d7b70ed6d94e794292040a79921b48142ae2e1309337aef04cb4f6251f93e88aaf9884a4ddaa58b725e6a85f05321acb078cd50fc

    • SSDEEP

      98304:ST/yH02PyfKIRetXCnZsrr+Qeack4iHKpgJKHA3x1j5mLBrG5dkjC6:2yHpPX3eqGpa3KpgJKHevj5mLByzkW6

    Score
    8/10
    microsoftdiscoveryphishing

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks