a34b663f961d9d1e667b5a6c8c1d0385102a3a3bb9345c9530410e54e0c89138 | Triage

Sharing

General

Target

a34b663f961d9d1e667b5a6c8c1d0385102a3a3bb9345c9530410e54e0c89138
Size

1MB
Sample

230125-mnlaxsfg45
MD5

74fb2f7818f324d637096a75675cfc0e
SHA1

af234d13310de6066a2c0c8601d5167c2b7ab496
SHA256

a34b663f961d9d1e667b5a6c8c1d0385102a3a3bb9345c9530410e54e0c89138
SHA512

87e6d81b1c9bbc777cc137a4b5e75df91acc28835265a967d18a278723b2614563436bbf04151a99139ac953ec93190b7d7ad6c806938a70dce0a80e6bdaa2a0
SSDEEP

12288:c/XEXxg5SJgzykSsjsappPTxKq9TUMZ6lrFDi/TJUL/j/A1dXJ0yOQG6AfIAFyw8:c/XEXjJSbjsWKKhAxET4/jWthOnrtK

Score

8^/10

Malware Config

Targets

- Target
  
  a34b663f961d9d1e667b5a6c8c1d0385102a3a3bb9345c9530410e54e0c89138
- Size
  
  1MB
- MD5
  
  74fb2f7818f324d637096a75675cfc0e
- SHA1
  
  af234d13310de6066a2c0c8601d5167c2b7ab496
- SHA256
  
  a34b663f961d9d1e667b5a6c8c1d0385102a3a3bb9345c9530410e54e0c89138
- SHA512
  
  87e6d81b1c9bbc777cc137a4b5e75df91acc28835265a967d18a278723b2614563436bbf04151a99139ac953ec93190b7d7ad6c806938a70dce0a80e6bdaa2a0
- SSDEEP
  
  12288:c/XEXxg5SJgzykSsjsappPTxKq9TUMZ6lrFDi/TJUL/j/A1dXJ0yOQG6AfIAFyw8:c/XEXjJSbjsWKKhAxET4/jWthOnrtK
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2