General
-
Target
virussign.com_c57a5db6f759d84dc42afc684b740aa0.vir
-
Size
9.1MB
-
Sample
241027-wwxhlazgrc
-
MD5
c57a5db6f759d84dc42afc684b740aa0
-
SHA1
3186eba9eb9a512e5733c51cd430c6ed39259d65
-
SHA256
35ac6835ac6ad3ca8bf92015884519f98d843905a66c3be843b51e625505c25f
-
SHA512
45fc85133b1a594494e7642b0bdeddf37aea714ec7aeb938edf24336f2d8cf36aa9623162ef31ceb4c3eebf207341be5fa2a13274c86edf3c41ea33742c3f32f
-
SSDEEP
196608:IUbs73fxyI4Sfe0QrP/LDBu+0HFAdrUpUWiHoZyEAZ+FcAjoSZF:IUbG3fxn4S/ghu+UAFUpUWiHowMcWoO
Static task
static1
Behavioral task
behavioral1
Sample
virussign.com_c57a5db6f759d84dc42afc684b740aa0.exe
Resource
win7-20240708-es
Behavioral task
behavioral2
Sample
virussign.com_c57a5db6f759d84dc42afc684b740aa0.exe
Resource
win10ltsc2021-20241023-es
Behavioral task
behavioral3
Sample
virussign.com_c57a5db6f759d84dc42afc684b740aa0.exe
Resource
win11-20241007-es
Malware Config
Targets
-
-
Target
virussign.com_c57a5db6f759d84dc42afc684b740aa0.vir
-
Size
9.1MB
-
MD5
c57a5db6f759d84dc42afc684b740aa0
-
SHA1
3186eba9eb9a512e5733c51cd430c6ed39259d65
-
SHA256
35ac6835ac6ad3ca8bf92015884519f98d843905a66c3be843b51e625505c25f
-
SHA512
45fc85133b1a594494e7642b0bdeddf37aea714ec7aeb938edf24336f2d8cf36aa9623162ef31ceb4c3eebf207341be5fa2a13274c86edf3c41ea33742c3f32f
-
SSDEEP
196608:IUbs73fxyI4Sfe0QrP/LDBu+0HFAdrUpUWiHoZyEAZ+FcAjoSZF:IUbG3fxn4S/ghu+UAFUpUWiHowMcWoO
-
Downloads MZ/PE file
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Execution
Command and Scripting Interpreter
1JavaScript
1Scheduled Task/Job
1Scheduled Task
1Defense Evasion
Indicator Removal
1File Deletion
1Modify Registry
3Subvert Trust Controls
1Install Root Certificate
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1Discovery
Browser Information Discovery
1Peripheral Device Discovery
1Query Registry
3Remote System Discovery
1System Information Discovery
3System Location Discovery
1System Language Discovery
1System Network Configuration Discovery
1Internet Connection Discovery
1System Time Discovery
1