5d72f5b75da7764741b29bc66694d3b2286bdd70302e15645f11ec8950f7c4f9 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

d782000064...0N.exe

windows7-x64

1

d782000064...0N.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

d78200006407a15296988853ad2e30e0N.exe
Size

2.9MB
Sample

240823-hrkrcashkq
MD5

d78200006407a15296988853ad2e30e0
SHA1

7dd99a02004ee0705bd766b8cce1b1b965787130
SHA256

5d72f5b75da7764741b29bc66694d3b2286bdd70302e15645f11ec8950f7c4f9
SHA512

ca41d7cfd954c2cfa6eca4c42acc603a3bc5f090ca8b0e7af77b35627f501b36adbd25e65ee66565f91c6b5fe9c5fd08904607d547ada5f818bfdb2e2c1d0a23
SSDEEP

24576:ZmcKWJsgfLIUUc6psAGwKibII1tMtUM033hBRl6qQNzScCmiR1YMVDvqIHSWWcQ7:Z6mhBsRmbH

Score

7^/10

defense_evasion discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d78200006407a15296988853ad2e30e0N.exe

Resource

win7-20240708-en

windows7-x64

0 signatures

120 seconds

Behavioral task

behavioral2

Sample

d78200006407a15296988853ad2e30e0N.exe

Resource

win10v2004-20240802-en

defense_evasion discovery

windows10-2004-x64

13 signatures

120 seconds

Malware Config

Targets

- Target
  
  d78200006407a15296988853ad2e30e0N.exe
- Size
  
  2.9MB
- MD5
  
  d78200006407a15296988853ad2e30e0
- SHA1
  
  7dd99a02004ee0705bd766b8cce1b1b965787130
- SHA256
  
  5d72f5b75da7764741b29bc66694d3b2286bdd70302e15645f11ec8950f7c4f9
- SHA512
  
  ca41d7cfd954c2cfa6eca4c42acc603a3bc5f090ca8b0e7af77b35627f501b36adbd25e65ee66565f91c6b5fe9c5fd08904607d547ada5f818bfdb2e2c1d0a23
- SSDEEP
  
  24576:ZmcKWJsgfLIUUc6psAGwKibII1tMtUM033hBRl6qQNzScCmiR1YMVDvqIHSWWcQ7:Z6mhBsRmbH
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Indirect Command Execution
  Adversaries may abuse utilities that allow for command execution to bypass security restrictions that limit the use of command-line interpreters.
  defense_evasion
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Indirect Command Execution

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

defense_evasiondiscovery

© 2018-2025

Terms | Privacy