0db8ca15096f8d3877fb75093f25e3e858e50332d547b6a78c7f4acaa1da34f6 | Triage

Submit
Reports

Overview

overview

Static

static

0db8ca1509...f6.exe

windows7-x64

0db8ca1509...f6.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

0db8ca15096f8d3877fb75093f25e3e858e50332d547b6a78c7f4acaa1da34f6
Size

41KB
Sample

240410-xb5txabd4s
MD5

fe6f947f8a83695f53aff514fbc7b5b2
SHA1

ab2be2b7773db48226b9781f07fab54ae0501b43
SHA256

0db8ca15096f8d3877fb75093f25e3e858e50332d547b6a78c7f4acaa1da34f6
SHA512

6d5e70af475f982ac19775d9beb2d4df96cf8030916cf560f37640757a7a1d49eca403abadc3acb0505f5681fd87228a4615fec1349f0d53005de96ab64d4891
SSDEEP

768:xIP5WOMVs4PSV06ymNNC6S7Cm1n2OBGRIWNSE77DPQ1TTGfGYhb:xI0OGrOy6NvSpMZrQ1J2

Score

10^/10

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0db8ca15096f8d3877fb75093f25e3e858e50332d547b6a78c7f4acaa1da34f6.exe

Resource

win7-20240215-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

0db8ca15096f8d3877fb75093f25e3e858e50332d547b6a78c7f4acaa1da34f6.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Credentials

Protocol: ftp
Host:
ftp.tripod.com
Port:
21
Username:
griptoloji
Password:
741852

Targets

- Target
  
  0db8ca15096f8d3877fb75093f25e3e858e50332d547b6a78c7f4acaa1da34f6
- Size
  
  41KB
- MD5
  
  fe6f947f8a83695f53aff514fbc7b5b2
- SHA1
  
  ab2be2b7773db48226b9781f07fab54ae0501b43
- SHA256
  
  0db8ca15096f8d3877fb75093f25e3e858e50332d547b6a78c7f4acaa1da34f6
- SHA512
  
  6d5e70af475f982ac19775d9beb2d4df96cf8030916cf560f37640757a7a1d49eca403abadc3acb0505f5681fd87228a4615fec1349f0d53005de96ab64d4891
- SSDEEP
  
  768:xIP5WOMVs4PSV06ymNNC6S7Cm1n2OBGRIWNSE77DPQ1TTGfGYhb:xI0OGrOy6NvSpMZrQ1J2
Score

10^/10
- Detects executables built or packed with MPress PE compressor
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy