ad270337b64c47ab43b6af0dbf1532280d0897e9dbdbf285b830565a2b9a2e87 | Triage

Submit
Reports

Overview

overview

8

Static

static

3

ad270337b6...87.exe

windows7-x64

8

ad270337b6...87.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

ad270337b64c47ab43b6af0dbf1532280d0897e9dbdbf285b830565a2b9a2e87
Size

4.7MB
Sample

230521-lzqjcaca51
MD5

67e462f67b3b79c83169f0ac37d09d8b
SHA1

8179374ad895d4fe539a922f170b65861c13d8f7
SHA256

ad270337b64c47ab43b6af0dbf1532280d0897e9dbdbf285b830565a2b9a2e87
SHA512

15b9a68818f6d166c32c81736958a3878bb2bdbbe6bb6fecc433939808a1c547cfc9a7dfe1861c96dd3c0c0853e0a6fe88b82080b1ba204c03617b36edc48b50
SSDEEP

98304:3Q/7x9nPi7fijP5gRWNFUjrqu5kHYOhF/QR04kdJQ4uYpeCxIR:g/7xE2F65JOhF/QrS/piR

Score

8^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ad270337b64c47ab43b6af0dbf1532280d0897e9dbdbf285b830565a2b9a2e87.exe

Resource

win7-20230220-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

ad270337b64c47ab43b6af0dbf1532280d0897e9dbdbf285b830565a2b9a2e87.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  ad270337b64c47ab43b6af0dbf1532280d0897e9dbdbf285b830565a2b9a2e87
- Size
  
  4.7MB
- MD5
  
  67e462f67b3b79c83169f0ac37d09d8b
- SHA1
  
  8179374ad895d4fe539a922f170b65861c13d8f7
- SHA256
  
  ad270337b64c47ab43b6af0dbf1532280d0897e9dbdbf285b830565a2b9a2e87
- SHA512
  
  15b9a68818f6d166c32c81736958a3878bb2bdbbe6bb6fecc433939808a1c547cfc9a7dfe1861c96dd3c0c0853e0a6fe88b82080b1ba204c03617b36edc48b50
- SSDEEP
  
  98304:3Q/7x9nPi7fijP5gRWNFUjrqu5kHYOhF/QR04kdJQ4uYpeCxIR:g/7xE2F65JOhF/QrS/piR
Score

8^/10
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy