a28f4adb3387f38659beb140b9d25be7e84db5069256f9fc804ab91c1d5a79e5 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

Skype-8.97.0.404.exe

windows10-2004-x64

8

Sharing

General

Target

Skype-8.97.0.404.exe
Size

85.0MB
Sample

230523-mpsfmaeh53
MD5

4203fd588d094427a69a76ae21f7257b
SHA1

7e779cc8e680e8125f6c0d5392d05c8ce0498ee3
SHA256

a28f4adb3387f38659beb140b9d25be7e84db5069256f9fc804ab91c1d5a79e5
SHA512

274bc2d8375accf0d3c0d617b6dcaf770220d90290eca2083bc6c8fd65d56ef378dec6a16e62c11137e96c45386f93d6fb46e794cefce4e045cb361159194855
SSDEEP

1572864:7uvBrHmoObp/j2kDELqi8q8+91agqJnYHWvEZHjh+1WB93MjsvZNc7km4cyoHFR:7+Wb5KkDEth8+9dMf8ZFQuy+sYoHP

Score

8^/10

discovery evasion persistence

Static task

static1

Behavioral task

behavioral1

Sample

Skype-8.97.0.404.exe

Resource

win10v2004-20230220-en

discovery evasion persistence

windows10-2004-x64

20 signatures

150 seconds

Malware Config

Targets

- Target
  
  Skype-8.97.0.404.exe
- Size
  
  85.0MB
- MD5
  
  4203fd588d094427a69a76ae21f7257b
- SHA1
  
  7e779cc8e680e8125f6c0d5392d05c8ce0498ee3
- SHA256
  
  a28f4adb3387f38659beb140b9d25be7e84db5069256f9fc804ab91c1d5a79e5
- SHA512
  
  274bc2d8375accf0d3c0d617b6dcaf770220d90290eca2083bc6c8fd65d56ef378dec6a16e62c11137e96c45386f93d6fb46e794cefce4e045cb361159194855
- SSDEEP
  
  1572864:7uvBrHmoObp/j2kDELqi8q8+91agqJnYHWvEZHjh+1WB93MjsvZNc7km4cyoHFR:7+Wb5KkDEth8+9dMf8ZFQuy+sYoHP
Score

8^/10

discovery evasion persistence
- Modifies Windows Firewall
  evasion
- Adds Run key to start application
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

© 2018-2025

Terms | Privacy