07c0c72f364f8c5ffdc4a4d60ddba7081fa82971eabcfcb25d4e6b223690527a | Triage

Submit
Reports

Overview

overview

Static

static

1

iTunes64Setup.exe

windows11-21h2-x64

Resubmissions

26/06/2024, 11:27

240626-nkgc8ssemd 10

26/06/2024, 11:19

240626-nev97ssckh 10

26/06/2024, 10:57

240626-m2d4rs1fqd 10

13/02/2024, 21:11

240213-z11mlaaf36 10

13/02/2024, 21:05

240213-zxkrzaae97 10

13/02/2024, 20:13

240213-yzfqcsgg9y 10

Sharing

General

Target

iTunes64Setup.exe
Size

190.2MB
Sample

240213-z11mlaaf36
MD5

4fdc1e61b5b7035a70af0b496fd8d33d
SHA1

67a739e468f66d466407431adec45250fded6916
SHA256

07c0c72f364f8c5ffdc4a4d60ddba7081fa82971eabcfcb25d4e6b223690527a
SHA512

a03fe88d74eebf1ed6c37d70a7c969f5be7155051837300b20cfbaaff31e81586b10c0822a358c017c91adc8b2873229575774d412ee505941b4077b7c6a7c3b
SSDEEP

3145728:2WcOR4jhwXcmFQzXRbIWr2fa5Ss6Yc37CLYUHvGBh9S2RE26Ggm5k1y0BfuaxlGv:2Wc4fXNFKRbIWrYaYs2rCLElRE26nm59

Score

10^/10

evasion persistence

Static task

static1

Behavioral task

behavioral1

Sample

iTunes64Setup.exe

Resource

win11-20231222-en

evasion persistence

windows11-21h2-x64

34 signatures

1800 seconds

Malware Config

Targets

- Target
  
  iTunes64Setup.exe
- Size
  
  190.2MB
- MD5
  
  4fdc1e61b5b7035a70af0b496fd8d33d
- SHA1
  
  67a739e468f66d466407431adec45250fded6916
- SHA256
  
  07c0c72f364f8c5ffdc4a4d60ddba7081fa82971eabcfcb25d4e6b223690527a
- SHA512
  
  a03fe88d74eebf1ed6c37d70a7c969f5be7155051837300b20cfbaaff31e81586b10c0822a358c017c91adc8b2873229575774d412ee505941b4077b7c6a7c3b
- SSDEEP
  
  3145728:2WcOR4jhwXcmFQzXRbIWr2fa5Ss6Yc37CLYUHvGBh9S2RE26Ggm5k1y0BfuaxlGv:2Wc4fXNFKRbIWrYaYs2rCLElRE26nm59
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
  persistence
- Blocklisted process makes network request
- Downloads MZ/PE file
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

© 2018-2025

Terms | Privacy