3bf6899e58a5f403037958fd41e4c9d9d123b15127154e26eed19fec02f9d374 | Triage

Submit
Reports

Overview

overview

Static

static

3bf6899e58...74.exe

windows7-x64

3bf6899e58...74.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

3bf6899e58a5f403037958fd41e4c9d9d123b15127154e26eed19fec02f9d374
Size

120KB
Sample

240325-wre3rahg2v
MD5

11f72917b5ebca12137f714f0940a587
SHA1

32226fd7e22d808f93a0fd929aa6de0bf9dc0e5a
SHA256

3bf6899e58a5f403037958fd41e4c9d9d123b15127154e26eed19fec02f9d374
SHA512

432f8bd524d5b11176b5deacc76422bd5386e4fce3cf15e9cd6a50f69a310b708822c666e5c4fe019b6d3dd9f414318a420c6f84d10b3a31608ac454f3d8fa2e
SSDEEP

3072:ufWM7IinFdZC4imrXiXm7kfeVarSPQi/mjRrz3C:ufWMsiFdZC4imrXiWAfe0rmQi/GC

Score

10^/10

persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

3bf6899e58a5f403037958fd41e4c9d9d123b15127154e26eed19fec02f9d374.exe

Resource

win7-20240221-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

3bf6899e58a5f403037958fd41e4c9d9d123b15127154e26eed19fec02f9d374.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  3bf6899e58a5f403037958fd41e4c9d9d123b15127154e26eed19fec02f9d374
- Size
  
  120KB
- MD5
  
  11f72917b5ebca12137f714f0940a587
- SHA1
  
  32226fd7e22d808f93a0fd929aa6de0bf9dc0e5a
- SHA256
  
  3bf6899e58a5f403037958fd41e4c9d9d123b15127154e26eed19fec02f9d374
- SHA512
  
  432f8bd524d5b11176b5deacc76422bd5386e4fce3cf15e9cd6a50f69a310b708822c666e5c4fe019b6d3dd9f414318a420c6f84d10b3a31608ac454f3d8fa2e
- SSDEEP
  
  3072:ufWM7IinFdZC4imrXiXm7kfeVarSPQi/mjRrz3C:ufWMsiFdZC4imrXiWAfe0rmQi/GC
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy