bfb8d125de82f20e584a99360f04a3879bd6d472108f3f046f9e45dcb809e9d5 | Triage

Submit
Reports

Overview

overview

9

Static

static

1

b99ee8126b...0N.exe

windows7-x64

9

b99ee8126b...0N.exe

windows10-2004-x64

9

Sharing

General

Target

b99ee8126be007b88fdc2dc789cb1010N.exe
Size

500KB
Sample

240722-qzfflazemb
MD5

b99ee8126be007b88fdc2dc789cb1010
SHA1

c2285d84d81c426bb61ac59c85ed865b7e167e1e
SHA256

bfb8d125de82f20e584a99360f04a3879bd6d472108f3f046f9e45dcb809e9d5
SHA512

5c73fce265dcd906f277f255d401470c1e3fda005de5aac6a8f4bc89968e0bf514679b9645be09a8d44239d782660a86dbb68360c62ed9a7bfe6871895cc67da
SSDEEP

6144:GBvV8KdpmmIGXsDSRkV0z6IMc9SPoajdz51IR7qb20WFP/XauRWnCSeL1o5VY9W:GBtZTwBDSF39zRm6KuKCSC1XW

Score

9^/10

evasion

Static task

static1

Behavioral task

behavioral1

Sample

b99ee8126be007b88fdc2dc789cb1010N.exe

Resource

win7-20240708-en

windows7-x64

9 signatures

120 seconds

Behavioral task

behavioral2

Sample

b99ee8126be007b88fdc2dc789cb1010N.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

12 signatures

120 seconds

Malware Config

Targets

- Target
  
  b99ee8126be007b88fdc2dc789cb1010N.exe
- Size
  
  500KB
- MD5
  
  b99ee8126be007b88fdc2dc789cb1010
- SHA1
  
  c2285d84d81c426bb61ac59c85ed865b7e167e1e
- SHA256
  
  bfb8d125de82f20e584a99360f04a3879bd6d472108f3f046f9e45dcb809e9d5
- SHA512
  
  5c73fce265dcd906f277f255d401470c1e3fda005de5aac6a8f4bc89968e0bf514679b9645be09a8d44239d782660a86dbb68360c62ed9a7bfe6871895cc67da
- SSDEEP
  
  6144:GBvV8KdpmmIGXsDSRkV0z6IMc9SPoajdz51IR7qb20WFP/XauRWnCSeL1o5VY9W:GBtZTwBDSF39zRm6KuKCSC1XW
Score

9^/10

evasion
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy