3a501a1d09c5306cd69936c4ebeab69e0cae97edb94a117f6102de39bbc63f6b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a501a1d09c5306cd69936c4ebeab69e0cae97edb94a117f6102de39bbc63f6b
Size

706KB
Sample

220919-jmxqsaahek
MD5

5b7b3b5b20743c4b24bb50a46c15520e
SHA1

f2ca04d94216b544630b9434c43b45c69a7dd2ae
SHA256

3a501a1d09c5306cd69936c4ebeab69e0cae97edb94a117f6102de39bbc63f6b
SHA512

c1e9b4578ea021e34d27c5185d16b9b8c8781428878dbffe86ace18c6ce6df8daf5de6b66975d749b872d3902f5844ea7b644224c8bb58e23e8cec29ce98e7e0
SSDEEP

12288:gp/iN/mlVdtvrYeyZJf7kPK+iqBZn+D73iKHeGspbNXyAYFJvV3S9Wva:gpQ/6trYlvYPK+lqD73TeGspboXv1gN

Score

8^/10

Malware Config

Targets

- Target
  
  3a501a1d09c5306cd69936c4ebeab69e0cae97edb94a117f6102de39bbc63f6b
- Size
  
  706KB
- MD5
  
  5b7b3b5b20743c4b24bb50a46c15520e
- SHA1
  
  f2ca04d94216b544630b9434c43b45c69a7dd2ae
- SHA256
  
  3a501a1d09c5306cd69936c4ebeab69e0cae97edb94a117f6102de39bbc63f6b
- SHA512
  
  c1e9b4578ea021e34d27c5185d16b9b8c8781428878dbffe86ace18c6ce6df8daf5de6b66975d749b872d3902f5844ea7b644224c8bb58e23e8cec29ce98e7e0
- SSDEEP
  
  12288:gp/iN/mlVdtvrYeyZJf7kPK+iqBZn+D73iKHeGspbNXyAYFJvV3S9Wva:gpQ/6trYlvYPK+lqD73TeGspboXv1gN
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2