aaabb8a454e51e5069dc3757ad5a01cedeb291f83116091519839f900cc8c70f | Triage

Submit
Reports

Overview

overview

8

Static

static

1

setup-inst...23.exe

windows10-2004-x64

8

Sharing

General

Target

setup-install-geneatique-2023.exe
Size

523KB
Sample

240504-vq6cwafb48
MD5

edaa606e36622434054c0673cf6af1cb
SHA1

2a66889c5f759a95109aca702c15a7ce1b0a0094
SHA256

aaabb8a454e51e5069dc3757ad5a01cedeb291f83116091519839f900cc8c70f
SHA512

aa65ade0839f095e0bf6b8ea907eaa78d704aa3645bfddf330b621c40cdda045fe0ec2aaea18e48e813e545c8d636f17941dbb0d42f28024ac14fd2c8592888e
SSDEEP

12288:dS3yBV888888888888W88888888888wyGtORzK/AA9i6Zub02O9HtFbXaT2K:w3yyy0Z/D9kqtZaT2K

Score

8^/10

discovery evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

setup-install-geneatique-2023.exe

Resource

win10v2004-20240426-fr

discovery evasion persistence trojan

windows10-2004-x64

21 signatures

1200 seconds

Malware Config

Targets

- Target
  
  setup-install-geneatique-2023.exe
- Size
  
  523KB
- MD5
  
  edaa606e36622434054c0673cf6af1cb
- SHA1
  
  2a66889c5f759a95109aca702c15a7ce1b0a0094
- SHA256
  
  aaabb8a454e51e5069dc3757ad5a01cedeb291f83116091519839f900cc8c70f
- SHA512
  
  aa65ade0839f095e0bf6b8ea907eaa78d704aa3645bfddf330b621c40cdda045fe0ec2aaea18e48e813e545c8d636f17941dbb0d42f28024ac14fd2c8592888e
- SSDEEP
  
  12288:dS3yBV888888888888W88888888888wyGtORzK/AA9i6Zub02O9HtFbXaT2K:w3yyy0Z/D9kqtZaT2K
Score

8^/10

discovery evasion persistence trojan
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

© 2018-2024

Terms | Privacy