83d370b73d5cd9cd2a3e250b1989e6389650911fc202e507b9a2ae2eda49f209 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

irc.html

windows10-2004-x64

Resubmissions

03/04/2023, 09:30

230403-lgswradh38 1

03/04/2023, 09:28

230403-lfjxfsdh36 1

03/04/2023, 09:16

230403-k8gr5afc4z 7

03/04/2023, 09:13

230403-k6tnxadg87 1

Sharing

General

Target

irc.html
Size

1KB
Sample

230403-k8gr5afc4z
MD5

254607c7562eda9ff9097c5ab177cf91
SHA1

ddc25325e6eb89729e9c76a0fc5f30a049cad86a
SHA256

83d370b73d5cd9cd2a3e250b1989e6389650911fc202e507b9a2ae2eda49f209
SHA512

9ad4cafd09cde7779f1651bc8e3f25869ed56754a456292c1074b548d1d3580c8a319c515df8ba3d31edc69724462563c753fce66ce38835017ca0a556edc12c

Score

7^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

irc.html

Resource

win10v2004-20230220-en

windows10-2004-x64

25 signatures

150 seconds

Malware Config

Targets

- Target
  
  irc.html
- Size
  
  1KB
- MD5
  
  254607c7562eda9ff9097c5ab177cf91
- SHA1
  
  ddc25325e6eb89729e9c76a0fc5f30a049cad86a
- SHA256
  
  83d370b73d5cd9cd2a3e250b1989e6389650911fc202e507b9a2ae2eda49f209
- SHA512
  
  9ad4cafd09cde7779f1651bc8e3f25869ed56754a456292c1074b548d1d3580c8a319c515df8ba3d31edc69724462563c753fce66ce38835017ca0a556edc12c
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy