cad3f5316132f8a8156d79bafba843eed53e34b07bb4757f83c9e0abc77251ba | Triage

Submit
Reports

Overview

overview

8

Static

static

1

soothing-a...60.mp4

windows7-x64

1

soothing-a...60.mp4

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

soothing-ambience-with-breathtaking-waterfall.3840x2160.mp4
Size

71.5MB
Sample

240520-kq38eacc26
MD5

79805ff09b39ffb00542d66137de92c1
SHA1

24ad71cbf72d8db182c96ed0480254525dcc8903
SHA256

cad3f5316132f8a8156d79bafba843eed53e34b07bb4757f83c9e0abc77251ba
SHA512

6d81d2dca8de9a42bd90088799624b63cbf88b08a81278830a4d31aadca3a2d6256c1e4a7a907d89962c1d730e9f4e7ace8fb23fa7498a49158a57338174cef7
SSDEEP

1572864:hWTp+3p3zIg5c2eNqr1zjHRvR20yN0DYzb8vu9Luyo:OpQhzIgOPNqr1PRvXUXA3

Score

8^/10

discovery persistence

Static task

static1

Behavioral task

behavioral1

Sample

soothing-ambience-with-breathtaking-waterfall.3840x2160.mp4

Resource

win7-20240419-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

soothing-ambience-with-breathtaking-waterfall.3840x2160.mp4

Resource

win10v2004-20240508-en

discovery persistence

windows10-2004-x64

26 signatures

150 seconds

Malware Config

Targets

- Target
  
  soothing-ambience-with-breathtaking-waterfall.3840x2160.mp4
- Size
  
  71.5MB
- MD5
  
  79805ff09b39ffb00542d66137de92c1
- SHA1
  
  24ad71cbf72d8db182c96ed0480254525dcc8903
- SHA256
  
  cad3f5316132f8a8156d79bafba843eed53e34b07bb4757f83c9e0abc77251ba
- SHA512
  
  6d81d2dca8de9a42bd90088799624b63cbf88b08a81278830a4d31aadca3a2d6256c1e4a7a907d89962c1d730e9f4e7ace8fb23fa7498a49158a57338174cef7
- SSDEEP
  
  1572864:hWTp+3p3zIg5c2eNqr1zjHRvR20yN0DYzb8vu9Luyo:OpQhzIgOPNqr1PRvXUXA3
Score

8^/10

discovery persistence
- Downloads MZ/PE file
- Modifies Installed Components in the registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence

© 2018-2025

Terms | Privacy