b50f93fac9553f4619f754fef712fb04233f2635e1b0bd3d293359c6718ef706 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

Buff_Achie..._2.exe

windows7-x64

8

Buff_Achie..._2.exe

windows10-2004-x64

7

Sharing

General

Target

Buff_Achievement_Tracker_-_Installer_2.exe
Size

2.0MB
Sample

230331-ytqclsed31
MD5

2a9beb97d8e9134d8c4f100ece555439
SHA1

eed1cb42da2a9eb25f29eff85af543738467c244
SHA256

b50f93fac9553f4619f754fef712fb04233f2635e1b0bd3d293359c6718ef706
SHA512

014d6f06af83ec5e9368467dd61a53d6cd2bb6e1c7e77b812ff6cb1a198da5e360363df079e78a50dfe051a408fd26d17063ce54a0244d3768c8a1a44c00e47f
SSDEEP

49152:gF1JTaHxE87vxpsrFpIvvFqfcXkhIgs3HwCylpsEYpjERUc:g3JTKPN+TIvYfJIv3H/ylpwKC

Score

8^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

Buff_Achievement_Tracker_-_Installer_2.exe

Resource

win7-20230220-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

Buff_Achievement_Tracker_-_Installer_2.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  Buff_Achievement_Tracker_-_Installer_2.exe
- Size
  
  2.0MB
- MD5
  
  2a9beb97d8e9134d8c4f100ece555439
- SHA1
  
  eed1cb42da2a9eb25f29eff85af543738467c244
- SHA256
  
  b50f93fac9553f4619f754fef712fb04233f2635e1b0bd3d293359c6718ef706
- SHA512
  
  014d6f06af83ec5e9368467dd61a53d6cd2bb6e1c7e77b812ff6cb1a198da5e360363df079e78a50dfe051a408fd26d17063ce54a0244d3768c8a1a44c00e47f
- SSDEEP
  
  49152:gF1JTaHxE87vxpsrFpIvvFqfcXkhIgs3HwCylpsEYpjERUc:g3JTKPN+TIvYfJIv3H/ylpwKC
Score

8^/10

persistence
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy