0d5fbb4d6e1ca72c237f7b24d296e46c15fc974802cf324bcac918e0959b66e3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d5fbb4d6e1ca72c237f7b24d296e46c15fc974802cf324bcac918e0959b66e3
Size

1.3MB
Sample

230326-h2ps2shg31
MD5

45b0836ce023bb4cfc9b5710718b3d5d
SHA1

d817fb6ca95ded6ae06e4e0f1a115c989b8c3b82
SHA256

0d5fbb4d6e1ca72c237f7b24d296e46c15fc974802cf324bcac918e0959b66e3
SHA512

3d9a95992a0166bf496a30bd14ee232610a1ea0d94dfc92084d96048930505224bb0d2bfd386f77a4c187f4308976499fc35432d989d5fae13bfa17e5bd89296
SSDEEP

24576:gJr8tE+gHqok+3cSI+xALeihdY83jyjLS5/RlGCFzG2ZFKji3MK:gJ4NokDSXxALeih73jqLg5Mu9FWi8K

Score

7^/10

Malware Config

Targets

- Target
  
  0d5fbb4d6e1ca72c237f7b24d296e46c15fc974802cf324bcac918e0959b66e3
- Size
  
  1.3MB
- MD5
  
  45b0836ce023bb4cfc9b5710718b3d5d
- SHA1
  
  d817fb6ca95ded6ae06e4e0f1a115c989b8c3b82
- SHA256
  
  0d5fbb4d6e1ca72c237f7b24d296e46c15fc974802cf324bcac918e0959b66e3
- SHA512
  
  3d9a95992a0166bf496a30bd14ee232610a1ea0d94dfc92084d96048930505224bb0d2bfd386f77a4c187f4308976499fc35432d989d5fae13bfa17e5bd89296
- SSDEEP
  
  24576:gJr8tE+gHqok+3cSI+xALeihdY83jyjLS5/RlGCFzG2ZFKji3MK:gJ4NokDSXxALeih73jqLg5Mu9FWi8K
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1