6d33ad3388ccc8eb5021b2e0b1380d635dd434e28f863c682b7591ebc9bffff9 | Triage

Submit
Reports

Overview

overview

Static

static

1

barcode-to...up.exe

windows10-1703-x64

barcode-to...up.exe

windows10-2004-x64

Sharing

General

Target

barcode-to-pc-server.v4.5.1.win.setup.exe
Size

2.9MB
Sample

230717-vtbbxadg55
MD5

047a0831b0fbfdd1749f505b3b296643
SHA1

f647411ab60c35d302b6367d3995bb72a3ac9ae6
SHA256

6d33ad3388ccc8eb5021b2e0b1380d635dd434e28f863c682b7591ebc9bffff9
SHA512

50ba03efc606fdb89776970d7724ffc9b854035cfbc04a18ebdacdfb16456b3be2fe1fbc195a430c694bae27e28b0abf6e829055594ae113927a5fd9695c3844
SSDEEP

49152:JjDwK73pfqvCRDAOqM0ErZnh4vUgi9GZ0wK/JI1ZNfDrEHosPIa+2h7Y5Yv/nrP:dj7ZyOqUY8p87ei1fEHoIO5Y3z

Score

10^/10

discovery evasion persistence

Static task

static1

Behavioral task

behavioral1

Sample

barcode-to-pc-server.v4.5.1.win.setup.exe

Resource

win10-20230703-en

discovery evasion persistence

windows10-1703-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

barcode-to-pc-server.v4.5.1.win.setup.exe

Resource

win10v2004-20230703-en

discovery evasion persistence

windows10-2004-x64

20 signatures

150 seconds

Malware Config

Targets

- Target
  
  barcode-to-pc-server.v4.5.1.win.setup.exe
- Size
  
  2.9MB
- MD5
  
  047a0831b0fbfdd1749f505b3b296643
- SHA1
  
  f647411ab60c35d302b6367d3995bb72a3ac9ae6
- SHA256
  
  6d33ad3388ccc8eb5021b2e0b1380d635dd434e28f863c682b7591ebc9bffff9
- SHA512
  
  50ba03efc606fdb89776970d7724ffc9b854035cfbc04a18ebdacdfb16456b3be2fe1fbc195a430c694bae27e28b0abf6e829055594ae113927a5fd9695c3844
- SSDEEP
  
  49152:JjDwK73pfqvCRDAOqM0ErZnh4vUgi9GZ0wK/JI1ZNfDrEHosPIa+2h7Y5Yv/nrP:dj7ZyOqUY8p87ei1fEHoIO5Y3z
Score

10^/10

discovery evasion persistence
- Modifies firewall policy service
  evasion
- Blocklisted process makes network request
- Modifies Windows Firewall
  evasion
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

discoveryevasionpersistence

© 2018-2025

Terms | Privacy