0f22fab40e78ca09a0c8061f5670bab89cf844a80809e9d44b2ee43df8d5d368 | Triage

Submit
Reports

Overview

overview

8

Static

static

3

setup.exe

windows7-x64

8

setup.exe

windows10-2004-x64

8

Sharing

General

Target

setup.exe
Size

5.3MB
Sample

230717-rwce7sce99
MD5

ea4e417a39e08456616236317f1de71c
SHA1

9da716ccfcc259d2d97aed335e3c6519f736d2ae
SHA256

0f22fab40e78ca09a0c8061f5670bab89cf844a80809e9d44b2ee43df8d5d368
SHA512

270cfebe6184a6b22d21d7c5ca36158c7a8afcbcd5187bfd0d71394da0d357e67f6888ebd2b9c39ea6557e8521f22bbd62168eb255d80ccc85a0977390ea7fb6
SSDEEP

98304:jf7wCQInrje/CAVMJy1W+xe7i0iewsclxgVZGnz0qGcmpelN:jfn6/VSl+xWusYxiGnwqGcGef

Score

8^/10

discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

setup.exe

Resource

win7-20230712-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

setup.exe

Resource

win10v2004-20230703-en

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  setup.exe
- Size
  
  5.3MB
- MD5
  
  ea4e417a39e08456616236317f1de71c
- SHA1
  
  9da716ccfcc259d2d97aed335e3c6519f736d2ae
- SHA256
  
  0f22fab40e78ca09a0c8061f5670bab89cf844a80809e9d44b2ee43df8d5d368
- SHA512
  
  270cfebe6184a6b22d21d7c5ca36158c7a8afcbcd5187bfd0d71394da0d357e67f6888ebd2b9c39ea6557e8521f22bbd62168eb255d80ccc85a0977390ea7fb6
- SSDEEP
  
  98304:jf7wCQInrje/CAVMJy1W+xe7i0iewsclxgVZGnz0qGcmpelN:jfn6/VSl+xWusYxiGnwqGcGef
Score

8^/10

discovery
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy