e31e931ccbb008dd5fd0fe430cbb5ba14bcffa46640f4751bcc72d70232ca732 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

e31e931ccb...32.exe

windows7-x64

1

e31e931ccb...32.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

e31e931ccbb008dd5fd0fe430cbb5ba14bcffa46640f4751bcc72d70232ca732
Size

545KB
Sample

230505-yv3dkabf23
MD5

73a04fa96283729b1115149872e8eb91
SHA1

a43856a1efe1e2b74eacf3e9ceb1ea781b4d9e49
SHA256

e31e931ccbb008dd5fd0fe430cbb5ba14bcffa46640f4751bcc72d70232ca732
SHA512

6a9c2a511ef9b90954bd0cc7ac024d40e5bb58f15fcf67d29e2cc3df684b4e74f8b673a2fdfdae15670d13a9a9559073aa8e7555994174aa97129812cf2c9a39
SSDEEP

6144:GRg1VrUJCqSM25Wmw24KRlMAFaVnDKzDevFl3HGcOm2qcVM5QCsITLzXa206T/wC:ZVrUJLmN4VAY3dl3HGcOmg8XrXjM2E

Score

7^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e31e931ccbb008dd5fd0fe430cbb5ba14bcffa46640f4751bcc72d70232ca732.exe

Resource

win7-20230220-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

e31e931ccbb008dd5fd0fe430cbb5ba14bcffa46640f4751bcc72d70232ca732.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  e31e931ccbb008dd5fd0fe430cbb5ba14bcffa46640f4751bcc72d70232ca732
- Size
  
  545KB
- MD5
  
  73a04fa96283729b1115149872e8eb91
- SHA1
  
  a43856a1efe1e2b74eacf3e9ceb1ea781b4d9e49
- SHA256
  
  e31e931ccbb008dd5fd0fe430cbb5ba14bcffa46640f4751bcc72d70232ca732
- SHA512
  
  6a9c2a511ef9b90954bd0cc7ac024d40e5bb58f15fcf67d29e2cc3df684b4e74f8b673a2fdfdae15670d13a9a9559073aa8e7555994174aa97129812cf2c9a39
- SSDEEP
  
  6144:GRg1VrUJCqSM25Wmw24KRlMAFaVnDKzDevFl3HGcOm2qcVM5QCsITLzXa206T/wC:ZVrUJLmN4VAY3dl3HGcOmg8XrXjM2E
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy