62894f17ab44288854d66214e6240bf7a1a2d4a22cf0c522d8e92f466b46cd41 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

smime.p7s

windows7-x64

5

smime.p7s

windows10-2004-x64

7

Sharing

General

Target

smime.p7s
Size

2KB
Sample

230517-tqgh3seg5w
MD5

90f272de29722597c2a3b05fee801af0
SHA1

70049b78de36a4e34566dda8ec0365788495f7e3
SHA256

62894f17ab44288854d66214e6240bf7a1a2d4a22cf0c522d8e92f466b46cd41
SHA512

ab946c4554ca93c8fb54059c19757bfea6916e4ae7ad0f14d543d15a9257831b5755f5e39e864337aca1efc93279067248e4c1ad02e74aa45767ea65c9343d28

Score

7^/10

Static task

static1

Behavioral task

behavioral1

Sample

smime.p7s

Resource

win7-20230220-en

windows7-x64

8 signatures

600 seconds

Behavioral task

behavioral2

Sample

smime.p7s

Resource

win10v2004-20230220-en

windows10-2004-x64

7 signatures

600 seconds

Malware Config

Targets

- Target
  
  smime.p7s
- Size
  
  2KB
- MD5
  
  90f272de29722597c2a3b05fee801af0
- SHA1
  
  70049b78de36a4e34566dda8ec0365788495f7e3
- SHA256
  
  62894f17ab44288854d66214e6240bf7a1a2d4a22cf0c522d8e92f466b46cd41
- SHA512
  
  ab946c4554ca93c8fb54059c19757bfea6916e4ae7ad0f14d543d15a9257831b5755f5e39e864337aca1efc93279067248e4c1ad02e74aa45767ea65c9343d28
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy