58aa4250e8e6c244dedd0889f68a0e48e1bcbec171a403d96134114ce7da50b5 | Triage

Sharing

General

Target

58aa4250e8e6c244dedd0889f68a0e48e1bcbec171a403d96134114ce7da50b5
Size

10KB
Sample

221029-r9v5gabdf4
MD5

1848500f5628bddbfdba8074c294d0f0
SHA1

084f4b429128c628f11fc4daa1858f43be3a7345
SHA256

58aa4250e8e6c244dedd0889f68a0e48e1bcbec171a403d96134114ce7da50b5
SHA512

5477375cca320a7b3ab640b204b8ca20f2dbe0f527f504ad1f6a4f72d6286928db906c5705373515803537a3104ed6a3187cecc3708de2e96d10b732b66ec982
SSDEEP

192:ainvFpZoxjHGztdETo1LSMKM2NVAmfDp323hcplQBsnY2pxu9:TFLnEEFSh1/AmfD523rqVxI

Score

7^/10

Malware Config

Targets

- Target
  
  manual_view_site_moremoney.exe
- Size
  
  79KB
- MD5
  
  7faa2b9c9f44f6529fcd468ca7766d61
- SHA1
  
  920478413f39d292e23cf5d4fbb72e720c524a71
- SHA256
  
  8d721678a07fb2387c07c941d648ef73d1ae27198d0c7e23684f4b9f44cdf1f1
- SHA512
  
  ff12620abe973cd800377a05a61717d6e6f915e7215dff103a36fe85a079ae3a77165fc4d1abdeaff0a19fe1d26f1bf47d27e90d983d784ac284f4a9506e92d1
- SSDEEP
  
  384:j8I4kBqbjESxplQYJuHGi4Pw/adI/K1l:j1gbLi4L1l
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2