fcaf523ce3f77184e129f37d2b09554e2df337e7111e6e04dc603f24617e86ae | Triage

Submit
Reports

Overview

overview

Static

static

3

fcaf523ce3...ae.exe

windows7-x64

fcaf523ce3...ae.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

fcaf523ce3f77184e129f37d2b09554e2df337e7111e6e04dc603f24617e86ae
Size

88KB
Sample

230718-e9588agc88
MD5

77a5de0d15588d8a0519f9bd3724d289
SHA1

ed58a11bb39f4bc982cb357b1e9faf5753c0c6ee
SHA256

fcaf523ce3f77184e129f37d2b09554e2df337e7111e6e04dc603f24617e86ae
SHA512

a952cf05326ae6d6b492af588fd518f39d2d5fd34f94e7f5d889a38f3908f3deaa80a11925319f10fc0f14c4fef07e94705ffa165561a2d437165aa46fc60670
SSDEEP

1536:I+7+BweyTmf4fya0+YY4sr8i0D4iEC7ANVppi41tgtshsN3vQc:H+BweyTmf4fyaQ5sr8i0DC16vR

Score

10^/10

persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

fcaf523ce3f77184e129f37d2b09554e2df337e7111e6e04dc603f24617e86ae.exe

Resource

win7-20230712-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

fcaf523ce3f77184e129f37d2b09554e2df337e7111e6e04dc603f24617e86ae.exe

Resource

win10v2004-20230703-en

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  fcaf523ce3f77184e129f37d2b09554e2df337e7111e6e04dc603f24617e86ae
- Size
  
  88KB
- MD5
  
  77a5de0d15588d8a0519f9bd3724d289
- SHA1
  
  ed58a11bb39f4bc982cb357b1e9faf5753c0c6ee
- SHA256
  
  fcaf523ce3f77184e129f37d2b09554e2df337e7111e6e04dc603f24617e86ae
- SHA512
  
  a952cf05326ae6d6b492af588fd518f39d2d5fd34f94e7f5d889a38f3908f3deaa80a11925319f10fc0f14c4fef07e94705ffa165561a2d437165aa46fc60670
- SSDEEP
  
  1536:I+7+BweyTmf4fya0+YY4sr8i0D4iEC7ANVppi41tgtshsN3vQc:H+BweyTmf4fyaQ5sr8i0DC16vR
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Modifies Installed Components in the registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy