ac3195f7ced04d5042e462ff8253575143d75b2a1cc7b446002574b6df304475 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac3195f7ced04d5042e462ff8253575143d75b2a1cc7b446002574b6df304475
Size

368KB
Sample

230112-lzxbwsff66
MD5

174034b96e679cc5560c181fb0aaac06
SHA1

d9a544cade1305dd8632fa821d011120b5aedf6d
SHA256

ac3195f7ced04d5042e462ff8253575143d75b2a1cc7b446002574b6df304475
SHA512

e2dd68ac38120313394fd6e321280c51bad5a7a30a73ca85f3d04c307657978b182c9016724adace3de5d7b72d90121ade4c6b55b869f9aac9b546db14c15c14
SSDEEP

6144:gHkLWRYYbNus2E/dknEQ0l8EVLFgWXrKQ6naaG28Rrq5gq+:gHk6aYb0EGnEQ0ltZH7KQ6naafOq5

Score

8^/10

Malware Config

Targets

- Target
  
  ac3195f7ced04d5042e462ff8253575143d75b2a1cc7b446002574b6df304475
- Size
  
  368KB
- MD5
  
  174034b96e679cc5560c181fb0aaac06
- SHA1
  
  d9a544cade1305dd8632fa821d011120b5aedf6d
- SHA256
  
  ac3195f7ced04d5042e462ff8253575143d75b2a1cc7b446002574b6df304475
- SHA512
  
  e2dd68ac38120313394fd6e321280c51bad5a7a30a73ca85f3d04c307657978b182c9016724adace3de5d7b72d90121ade4c6b55b869f9aac9b546db14c15c14
- SSDEEP
  
  6144:gHkLWRYYbNus2E/dknEQ0l8EVLFgWXrKQ6naaG28Rrq5gq+:gHk6aYb0EGnEQ0ltZH7KQ6naafOq5
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1