58a2d26b49ff6c1c3842d5805800d00e7aa60fab32a48a1244de30622fc8e6fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

58a2d26b49ff6c1c3842d5805800d00e7aa60fab32a48a1244de30622fc8e6fc
Size

161KB
Sample

220919-px3bxahcf3
MD5

78f95f308204b1520e60b670772fc857
SHA1

d22403b835b6ca49253bc3891adff9e8708c11a9
SHA256

58a2d26b49ff6c1c3842d5805800d00e7aa60fab32a48a1244de30622fc8e6fc
SHA512

f59939e7bc260b1da3f0f003d2fda9aef98bd0c815228dd841065ca80ddf0cfa842e65ae2fa69e91faca673027724e3b1ef919fc894945d30cfa653f4a704bae
SSDEEP

3072:FYP2XerzhOUxu/XUtauF8iJkZPB6jQxwv8YC5z41LNG:Fu2urzh9xu/XkauF5JgPB68xvF5zeY

Score

8^/10

Malware Config

Targets

- Target
  
  58a2d26b49ff6c1c3842d5805800d00e7aa60fab32a48a1244de30622fc8e6fc
- Size
  
  161KB
- MD5
  
  78f95f308204b1520e60b670772fc857
- SHA1
  
  d22403b835b6ca49253bc3891adff9e8708c11a9
- SHA256
  
  58a2d26b49ff6c1c3842d5805800d00e7aa60fab32a48a1244de30622fc8e6fc
- SHA512
  
  f59939e7bc260b1da3f0f003d2fda9aef98bd0c815228dd841065ca80ddf0cfa842e65ae2fa69e91faca673027724e3b1ef919fc894945d30cfa653f4a704bae
- SSDEEP
  
  3072:FYP2XerzhOUxu/XUtauF8iJkZPB6jQxwv8YC5z41LNG:Fu2urzh9xu/XkauF5JgPB68xvF5zeY
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2