7d51b570cc6f8bc38ec5c74644442fbabd0b6fb2a67db2b80cc814b1737452e6 | Triage

Sharing

General

Target

7d51b570cc6f8bc38ec5c74644442fbabd0b6fb2a67db2b80cc814b1737452e6
Size

93KB
Sample

220520-2yblssbbfk
MD5

87ab3c97f998f8ed39ed7222fd550778
SHA1

8fcd2ac075ef9cba0953686d1702960ac24c3933
SHA256

7d51b570cc6f8bc38ec5c74644442fbabd0b6fb2a67db2b80cc814b1737452e6
SHA512

87525fb6607882d0b1984f3e5f45021c0b932c1c66fad776cedcb8557a9cb5f391f10ad9c393aed91a53e95e27de72353dad195d78b324884fae775572449a49

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  7d51b570cc6f8bc38ec5c74644442fbabd0b6fb2a67db2b80cc814b1737452e6
- Size
  
  93KB
- MD5
  
  87ab3c97f998f8ed39ed7222fd550778
- SHA1
  
  8fcd2ac075ef9cba0953686d1702960ac24c3933
- SHA256
  
  7d51b570cc6f8bc38ec5c74644442fbabd0b6fb2a67db2b80cc814b1737452e6
- SHA512
  
  87525fb6607882d0b1984f3e5f45021c0b932c1c66fad776cedcb8557a9cb5f391f10ad9c393aed91a53e95e27de72353dad195d78b324884fae775572449a49
Score

8^/10

evasion
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2