b95d9a9e10c64b454f9ace6ae0a039a57ff0e7921b3ac0b986ac4319dcaa522a | Triage

Submit
Reports

Overview

overview

Static

static

3

2021...t1.exe

windows7-x64

3

2021...t1.exe

windows10-2004-x64

3

2021...t2.dll

windows7-x64

2021...t2.dll

windows10-2004-x64

2021...��.exe

windows7-x64

1

2021...��.exe

windows10-2004-x64

1

Analysis

max time kernel
95s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
24-12-2024 23:17

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2021Աְ/list1.exe

Resource

win7-20241023-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

2021Աְ/list1.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

2021Աְ/list2.dll

Resource

win7-20241010-en

metasploit backdoor discovery trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral4

Sample

2021Աְ/list2.dll

Resource

win10v2004-20241007-en

metasploit backdoor discovery trojan

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral5

Sample

2021Աְ/ְб.exe

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

2021Աְ/ְб.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

2021Աְ/ְб.exe
Size

2.8MB
MD5

58c0358dff4bf8f2760ae7dcd5c8012e
SHA1

28a84efc59efa07e2d99d2cb8eb26f851864b296
SHA256

e9afde6620da93586c261d881c75f606bb6ada7937bd3ff17eb7bee0c414aa9b
SHA512

d3cc06badac46d28ff50e5be3df45a5118eec847f1582ef06cb565d351c7c1bbef66c2ad95e831fb7ffb320f8b0f0d63d474cc4ecbd4d41bced124af5bc00f1c
SSDEEP

24576:j3dadNasA928VeQTCh+y6Moc2E9Q2xza3WiLQzMT3b75m:Javg2uBTCh+y6MorE9QeZiUSb75m

Score

1^/10

Malware Config

Signatures

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

Processes

C:\Users\Admin\AppData\Local\Temp\2021Աְ\ְб.exe
"C:\Users\Admin\AppData\Local\Temp\2021Աְ\ְб.exe"
1⤵
PID:1492

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy