General
-
Target
bytebreaker.cc Exploit_62892647.exe
-
Size
5.7MB
-
Sample
250704-nqerlassaz
-
MD5
688165a01a09bf0a274df49a074ca7af
-
SHA1
ba2e194e9bd592f11913b1bea3ca7c7be4521f5d
-
SHA256
c7791778f6329f2ee70db33a77f9b33edac40e8c87e6e243405711361761a01f
-
SHA512
a21202b6d596a7ac1a6286b9382ee91219d48ac38f715ab48dd8520cb30506f18778d4c68ef9ecc84f8c34b69983b89fb753ee908abfb518482a682fe4ed9f30
-
SSDEEP
98304:wdbaAtnwYXQ14gGRaqkhakUkdFf0NLiivYKe9H2SnqVjDDd3/BrqNPJqDsdTSq8W:qbR8daaojnDhBrqNNow
Static task
static1
Behavioral task
behavioral1
Sample
bytebreaker.cc Exploit_62892647.exe
Resource
win10v2004-20250610-en
Behavioral task
behavioral2
Sample
bytebreaker.cc Exploit_62892647.exe
Resource
win11-20250610-en
Malware Config
Targets
-
-
Target
bytebreaker.cc Exploit_62892647.exe
-
Manipulates Digital Signatures
Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.
-
Downloads MZ/PE file
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Password Policy Discovery
Attempts to access detailed information about the password policy used within an enterprise network.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v16
Defense Evasion
Modify Registry (1)
Subvert Trust Controls (1)
Install Root Certificate (1)
Credential Access
Credentials from Password Stores (1)
Credentials from Web Browsers (1)
Unsecured Credentials (1)
Credentials In Files (1)