4e5fcc788287580ed19402eadaab8c69ca5f0a904ead605153feb534bbe87002 | Triage

Submit
Reports

Overview

overview

8

Static

static

3

test.exe

windows7-x64

test.exe

windows10-2004-x64

Sharing

General

Target

test.exe
Size

5.3MB
Sample

240322-wt6cqahb6x
MD5

b59631e064541c8651576128708e50f9
SHA1

7aae996d4990f37a48288fa5f15a7889c3ff49b3
SHA256

4e5fcc788287580ed19402eadaab8c69ca5f0a904ead605153feb534bbe87002
SHA512

571a06f0ec88fe3697388195dd0a7f7e8d63945748855d928fb5005b51fd2c2baea1a63bd871ed0cfade5eabb879f577b7b04f9cd4d1222de52da641feee1f92
SSDEEP

98304:69w8PMOW9ZI6aO7sd/mzt5mAiN1vw+/YR8ov/bkMJmJZNOnTdjyip:ndIV0G/mzsN1vl/YRV4MY9OnTdjy

Score

8^/10

evasion persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

test.exe

Resource

win7-20240221-en

evasion persistence

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

test.exe

Resource

win10v2004-20240226-en

evasion persistence

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  test.exe
- Size
  
  5.3MB
- MD5
  
  b59631e064541c8651576128708e50f9
- SHA1
  
  7aae996d4990f37a48288fa5f15a7889c3ff49b3
- SHA256
  
  4e5fcc788287580ed19402eadaab8c69ca5f0a904ead605153feb534bbe87002
- SHA512
  
  571a06f0ec88fe3697388195dd0a7f7e8d63945748855d928fb5005b51fd2c2baea1a63bd871ed0cfade5eabb879f577b7b04f9cd4d1222de52da641feee1f92
- SSDEEP
  
  98304:69w8PMOW9ZI6aO7sd/mzt5mAiN1vw+/YR8ov/bkMJmJZNOnTdjyip:ndIV0G/mzsN1vl/YRV4MY9OnTdjy
Score

8^/10

evasion persistence
- Creates new service(s)
  persistence
- Drops file in Drivers directory
- Stops running service(s)
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.