4b0da03a819d6fd43e4632521e98e5b7206343fb88fc84ab120255a9ab530d1a | Triage

Submit
Reports

Overview

overview

7

Static

static

7

Device/Har...10.exe

windows7-x64

7

Device/Har...10.exe

windows10-2004-x64

7

Sharing

General

Target

3.5.5_46010.exe
Size

2.0MB
Sample

240701-ew9dqayhrp
MD5

f5f6abd3de579fc72ff366ff51465f93
SHA1

1029fa9840deb853838bee703e15ceba7da9cd40
SHA256

4b0da03a819d6fd43e4632521e98e5b7206343fb88fc84ab120255a9ab530d1a
SHA512

a3f6d361bf9b7dcb50d0fc73f1c962a81d7042c61cf7b511989a1bd71518b23f929aae0bd677f3777913d42db9bb138585a1da4ef28c528cbe819b2dee7df16d
SSDEEP

49152:jZGd9L1Y8nISQ/a7ViQGWGUAqj+Olh75rlQZi3+gd:ML1hISQ/aByKAFOlh75rSZkd

Score

7^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Device/HarddiskVolume5/USERS/Administrator/AppData/Local/Temp/HYDF2AB.tmp.1644086939_permissionsCopy/updates/3.5.5_46010.exe

Resource

win7-20240508-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

Device/HarddiskVolume5/USERS/Administrator/AppData/Local/Temp/HYDF2AB.tmp.1644086939_permissionsCopy/updates/3.5.5_46010.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  Device/HarddiskVolume5/USERS/Administrator/AppData/Local/Temp/HYDF2AB.tmp.1644086939_permissionsCopy/updates/3.5.5_46010.exe
- Size
  
  2.0MB
- MD5
  
  3dffcaaffa5b777a02aa531f5bad41e7
- SHA1
  
  70afb27f75f612710181e0069a1d59690e1528db
- SHA256
  
  e30d28b6fe4eea1e4d7390897897f6beecb5c805bba810c5b1119e48272947f6
- SHA512
  
  5bb726fbc57b6b831084d6f58c949a878df2ea39fff9c2bd0df209bebad90c98a4cfb2290b89440313641f51c9fdfa171fe05f58599f839629bac17cb2faa299
- SSDEEP
  
  24576:Gebxzp1tSXaXpzKCIUSKZl7fBlX9mlln2OCehr/kYoFlUo5SEFW31alR1AEdxWmU:xbf10asOltltckTe96m3ETxW21nuxC
Score

7^/10

evasion upx
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy