405711995f6a3c1eb78b121f91b769509fe69fb216a6e7115f416327c3b4bd77 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

405711995f...7N.exe

windows7-x64

7

405711995f...7N.exe

windows10-2004-x64

7

Sharing

General

Target

405711995f6a3c1eb78b121f91b769509fe69fb216a6e7115f416327c3b4bd77N
Size

34KB
Sample

240919-gyzcmsvarb
MD5

ecfa895afaf344e90ea5bc2fe3c37700
SHA1

d9d643073b4089ded6505ac8f6f283fbf4271adb
SHA256

405711995f6a3c1eb78b121f91b769509fe69fb216a6e7115f416327c3b4bd77
SHA512

706ae69f69af2d538442cdd01c84ea20e5a02108559c7ba2de9ef5f6a929b5eee3c19399775220b721eef08a288ef3c83a96c0c12382513da83d75197a094449
SSDEEP

768:F22jpAzhjQo8hR/4cxgBLrjyP2/yWBMQo1afeTE5sT9M3jPEa:IYiJLrjyey6eM5sTOTr

Score

7^/10

discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

405711995f6a3c1eb78b121f91b769509fe69fb216a6e7115f416327c3b4bd77N.exe

Resource

win7-20240903-en

windows7-x64

10 signatures

120 seconds

Behavioral task

behavioral2

Sample

405711995f6a3c1eb78b121f91b769509fe69fb216a6e7115f416327c3b4bd77N.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

11 signatures

120 seconds

Malware Config

Targets

- Target
  
  405711995f6a3c1eb78b121f91b769509fe69fb216a6e7115f416327c3b4bd77N
- Size
  
  34KB
- MD5
  
  ecfa895afaf344e90ea5bc2fe3c37700
- SHA1
  
  d9d643073b4089ded6505ac8f6f283fbf4271adb
- SHA256
  
  405711995f6a3c1eb78b121f91b769509fe69fb216a6e7115f416327c3b4bd77
- SHA512
  
  706ae69f69af2d538442cdd01c84ea20e5a02108559c7ba2de9ef5f6a929b5eee3c19399775220b721eef08a288ef3c83a96c0c12382513da83d75197a094449
- SSDEEP
  
  768:F22jpAzhjQo8hR/4cxgBLrjyP2/yWBMQo1afeTE5sT9M3jPEa:IYiJLrjyey6eM5sTOTr
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy