a6a18e581d0297e2438033aa2a311248a872701fa9397c014f553effcb6ffbf5 | Triage

Submit
Reports

Overview

overview

Static

static

a6a18e581d...f5.exe

windows7-x64

9

a6a18e581d...f5.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

a6a18e581d0297e2438033aa2a311248a872701fa9397c014f553effcb6ffbf5
Size

71KB
Sample

240429-a4yjzadc28
MD5

52a500923432a84afc11cbec5e7efb06
SHA1

f72092b3422dca282e4ff89606870a3cf2b2acf2
SHA256

a6a18e581d0297e2438033aa2a311248a872701fa9397c014f553effcb6ffbf5
SHA512

967bf358b91eeed8205bf2984cd810e4d1ce8d0f4232154ff9f9ef03fe9ab2ec7de1f5bdb3603b10a43e433934233fa66498ceda4118850cadd4bb4a5a37ea9f
SSDEEP

768:ZrItKyw5WHXfQmjIiIk9ecAx7pP1EPU96MyXPdtldE9bIIIwjkB+++G:Zr3Z5IfQmv81x7pP1r3yXPdtnyjo+++G

Score

10^/10

evasion

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

a6a18e581d0297e2438033aa2a311248a872701fa9397c014f553effcb6ffbf5.exe

Resource

win7-20240221-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

a6a18e581d0297e2438033aa2a311248a872701fa9397c014f553effcb6ffbf5.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  a6a18e581d0297e2438033aa2a311248a872701fa9397c014f553effcb6ffbf5
- Size
  
  71KB
- MD5
  
  52a500923432a84afc11cbec5e7efb06
- SHA1
  
  f72092b3422dca282e4ff89606870a3cf2b2acf2
- SHA256
  
  a6a18e581d0297e2438033aa2a311248a872701fa9397c014f553effcb6ffbf5
- SHA512
  
  967bf358b91eeed8205bf2984cd810e4d1ce8d0f4232154ff9f9ef03fe9ab2ec7de1f5bdb3603b10a43e433934233fa66498ceda4118850cadd4bb4a5a37ea9f
- SSDEEP
  
  768:ZrItKyw5WHXfQmjIiIk9ecAx7pP1EPU96MyXPdtldE9bIIIwjkB+++G:Zr3Z5IfQmv81x7pP1r3yXPdtnyjo+++G
Score

9^/10

evasion
- Detects Windows executables referencing non-Windows User-Agents
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy