e51cbe96e3a9d5ec82b78ded4a570093fed54604a21b36707aa3f1dc216abdb6 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

Elsify Uni...de.exe

windows10-2004-x64

7

Sharing

General

Target

Elsify Universal by FrostChanger.de.exe
Size

18.7MB
Sample

240309-a7ma4sah36
MD5

c4e7c21c470314cec48770bdd6557a7e
SHA1

fa5e175cb1dbbbf8ebee99d8bb4795c401cb15a9
SHA256

e51cbe96e3a9d5ec82b78ded4a570093fed54604a21b36707aa3f1dc216abdb6
SHA512

255b8605651626489f3490869db7556348b0d8a880da91c91ebe2f636e9ffd7ce43d254c4d811186238bd9eb396fb5e155adc3e952d4a634005b3ddd069fce93
SSDEEP

196608:ZwRSn6Y/SXTVrlWhERb1ReeVG2COp0NMyrxxAwRSn6wcn23/R0tbz5O2KVBXrBqS:J/SXTVYhDe7CPNhrsRfBXcAidtMPD9h

Score

7^/10

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Elsify Universal by FrostChanger.de.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  Elsify Universal by FrostChanger.de.exe
- Size
  
  18.7MB
- MD5
  
  c4e7c21c470314cec48770bdd6557a7e
- SHA1
  
  fa5e175cb1dbbbf8ebee99d8bb4795c401cb15a9
- SHA256
  
  e51cbe96e3a9d5ec82b78ded4a570093fed54604a21b36707aa3f1dc216abdb6
- SHA512
  
  255b8605651626489f3490869db7556348b0d8a880da91c91ebe2f636e9ffd7ce43d254c4d811186238bd9eb396fb5e155adc3e952d4a634005b3ddd069fce93
- SSDEEP
  
  196608:ZwRSn6Y/SXTVrlWhERb1ReeVG2COp0NMyrxxAwRSn6wcn23/R0tbz5O2KVBXrBqS:J/SXTVYhDe7CPNhrsRfBXcAidtMPD9h
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy