Overview

overview

6

Static

static

1

PowerToysU...64.exe

windows10-2004-x64

6

Resubmissions

28-02-2024 03:17

240228-ds1rqshh8s 10

28-02-2024 03:01

240228-dh1nzshf9x 4

28-02-2024 02:39

240228-c5sq8ahd97 6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PowerToysUserSetup-0.78.0-x64.exe

  • Size

    249.8MB

  • Sample

    240228-c5sq8ahd97

  • MD5

    aa98e52c780c510c6d7a7eef1859cb4e

  • SHA1

    da888750065c08be20312e643782a9b1255e7eb4

  • SHA256

    120b1cefc94d76ec593a61d717bbb2e12af195d19e04c811f519d3f9b9b3b5c0

  • SHA512

    1adee598c5c6ef32acfef1343e404dfe0f82fe7f02bde851236006748d9116e8e848e8ce120de811bf2085029635ffd8a70c923574666791f3ef6dc8010e85e3

  • SSDEEP

    6291456:Yan+LwMs9L55ZETFxAVHpn0XXTC2XNBgRAEnY2pnHFQ8/C5kX3hXMXuMWA:Yls53uIVJn0XG28bYmn2ookXyoA

Score
6/10
discoverypersistence

Malware Config

Targets

    • Target

      PowerToysUserSetup-0.78.0-x64.exe

    • Size

      249.8MB

    • MD5

      aa98e52c780c510c6d7a7eef1859cb4e

    • SHA1

      da888750065c08be20312e643782a9b1255e7eb4

    • SHA256

      120b1cefc94d76ec593a61d717bbb2e12af195d19e04c811f519d3f9b9b3b5c0

    • SHA512

      1adee598c5c6ef32acfef1343e404dfe0f82fe7f02bde851236006748d9116e8e848e8ce120de811bf2085029635ffd8a70c923574666791f3ef6dc8010e85e3

    • SSDEEP

      6291456:Yan+LwMs9L55ZETFxAVHpn0XXTC2XNBgRAEnY2pnHFQ8/C5kX3hXMXuMWA:Yls53uIVJn0XG28bYmn2ookXyoA

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Downloads MZ/PE file

    • Sets file execution options in registry

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks