0f31aa7c8e70b99b6db6703f79c982f2662eb42a5e2ae2aa03b2f8cac09214f1 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

ProductInfo.xml

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

ProductInfo.xml
Size

169B
Sample

240726-r2taxaxenf
MD5

54417a6e610b56024b2e13d22158231d
SHA1

84df0e377aebd6f692194c26b1d15ec95497874f
SHA256

0f31aa7c8e70b99b6db6703f79c982f2662eb42a5e2ae2aa03b2f8cac09214f1
SHA512

ebdf12ebac22f9d732850c614a1e708323eee2cd8ad7c42e259c7ba02c845b70747abb89a7ee074224b09b957fc4427bffb4236ab15591c5f7d7c7c32d199bcf

Score

7^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

ProductInfo.xml

Resource

win10v2004-20240709-en

windows10-2004-x64

16 signatures

300 seconds

Malware Config

Targets

- Target
  
  ProductInfo.xml
- Size
  
  169B
- MD5
  
  54417a6e610b56024b2e13d22158231d
- SHA1
  
  84df0e377aebd6f692194c26b1d15ec95497874f
- SHA256
  
  0f31aa7c8e70b99b6db6703f79c982f2662eb42a5e2ae2aa03b2f8cac09214f1
- SHA512
  
  ebdf12ebac22f9d732850c614a1e708323eee2cd8ad7c42e259c7ba02c845b70747abb89a7ee074224b09b957fc4427bffb4236ab15591c5f7d7c7c32d199bcf
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy