6ee1623c76030589e8b3080314913aee8c2596227d8874abf469527ad3ae5fc3 | Triage

Submit
Reports

Overview

overview

9

Static

static

1

8d2c3399e5...0N.exe

windows7-x64

9

8d2c3399e5...0N.exe

windows10-2004-x64

9

Sharing

General

Target

8d2c3399e54a887cdd06daef2befca50N.exe
Size

498KB
Sample

240727-eh3zsayfkc
MD5

8d2c3399e54a887cdd06daef2befca50
SHA1

f010ced914b6582089c094f6f451d2908776bea2
SHA256

6ee1623c76030589e8b3080314913aee8c2596227d8874abf469527ad3ae5fc3
SHA512

19c3c767c6912b8e8e75ee48b09d6725af64aa03235b4dc596fbd8f8d178c57efbe168833075a54e89ac3bcb587b875dfb8fccc0021fc8e11ed5e1c2c932869e
SSDEEP

6144:3n4bly8sbRD3AHcRkpOrA0vWmJ/N0zmIMc+UftOyPoFjdz5C49PS3DRXQ20efxuO:3nYgBND3AHc2pn0vW46jBFOujjxuJCmM

Score

9^/10

discovery evasion

Static task

static1

Behavioral task

behavioral1

Sample

8d2c3399e54a887cdd06daef2befca50N.exe

Resource

win7-20240705-en

discovery evasion

windows7-x64

10 signatures

120 seconds

Behavioral task

behavioral2

Sample

8d2c3399e54a887cdd06daef2befca50N.exe

Resource

win10v2004-20240709-en

discovery evasion

windows10-2004-x64

13 signatures

120 seconds

Malware Config

Targets

- Target
  
  8d2c3399e54a887cdd06daef2befca50N.exe
- Size
  
  498KB
- MD5
  
  8d2c3399e54a887cdd06daef2befca50
- SHA1
  
  f010ced914b6582089c094f6f451d2908776bea2
- SHA256
  
  6ee1623c76030589e8b3080314913aee8c2596227d8874abf469527ad3ae5fc3
- SHA512
  
  19c3c767c6912b8e8e75ee48b09d6725af64aa03235b4dc596fbd8f8d178c57efbe168833075a54e89ac3bcb587b875dfb8fccc0021fc8e11ed5e1c2c932869e
- SSDEEP
  
  6144:3n4bly8sbRD3AHcRkpOrA0vWmJ/N0zmIMc+UftOyPoFjdz5C49PS3DRXQ20efxuO:3nYgBND3AHc2pn0vW46jBFOujjxuJCmM
Score

9^/10

discovery evasion
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion

© 2018-2025

Terms | Privacy