90865e27b7a3ee29e359c0ec438ad99efd319ec0c1052a7195a68c5bb1bf4be8 | Triage

Submit
Reports

Overview

overview

9

Static

static

3

90865e27b7...e8.exe

windows7-x64

9

90865e27b7...e8.exe

windows10-2004-x64

9

Sharing

General

Target

90865e27b7a3ee29e359c0ec438ad99efd319ec0c1052a7195a68c5bb1bf4be8
Size

68KB
Sample

240523-apjr9see9y
MD5

f9e502fd0e6d28e28ec019f388fd7dd1
SHA1

f995306d998cb8e049fa663e7493006f44c0984f
SHA256

90865e27b7a3ee29e359c0ec438ad99efd319ec0c1052a7195a68c5bb1bf4be8
SHA512

26cde4ad4475863d6e4fd11bd28fa959785b5b0c93f8d8302324df5ae4e18e1968ed02f7058bf7b19b4b76f077cf54edf2424561b24ad8cb60606b0e30f46bfb
SSDEEP

1536:NB+FC9RntfWeoGiPyCHjKDjfQQQtUe/g7Lq:NB+F8tfPN4yCDKDjfQQQtF

Score

9^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

90865e27b7a3ee29e359c0ec438ad99efd319ec0c1052a7195a68c5bb1bf4be8.exe

Resource

win7-20240221-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

90865e27b7a3ee29e359c0ec438ad99efd319ec0c1052a7195a68c5bb1bf4be8.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  90865e27b7a3ee29e359c0ec438ad99efd319ec0c1052a7195a68c5bb1bf4be8
- Size
  
  68KB
- MD5
  
  f9e502fd0e6d28e28ec019f388fd7dd1
- SHA1
  
  f995306d998cb8e049fa663e7493006f44c0984f
- SHA256
  
  90865e27b7a3ee29e359c0ec438ad99efd319ec0c1052a7195a68c5bb1bf4be8
- SHA512
  
  26cde4ad4475863d6e4fd11bd28fa959785b5b0c93f8d8302324df5ae4e18e1968ed02f7058bf7b19b4b76f077cf54edf2424561b24ad8cb60606b0e30f46bfb
- SSDEEP
  
  1536:NB+FC9RntfWeoGiPyCHjKDjfQQQtUe/g7Lq:NB+F8tfPN4yCDKDjfQQQtF
Score

9^/10
- Detects executables built or packed with MPress PE compressor
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy