5d30bdb682b98fdd159451d59a5293ab52d9680d75dbe6e60d6914b0461a88cc | Triage

Sharing

General

Target

Document_772-998.zip.zip
Size

7KB
Sample

230411-gxea3sag72
MD5

0188b11c1f824b4fa5d21dbe932a0920
SHA1

966a657908486868621e80a3a2ec457fec3cca87
SHA256

5d30bdb682b98fdd159451d59a5293ab52d9680d75dbe6e60d6914b0461a88cc
SHA512

95bf854cbf6d420e0c3298137b79693fb636e108a2acd6bee4ec4f982406894135129941a5a5a1b8700ef3ef5391103c31ca4d0da69c966667b0f56fd6723f77
SSDEEP

192:2U9Kv78/7Eeki6PSDDhyizjKReAgzV1bJp+0p+ft:2U9Kv7EkkHK0bJ00pWt

Score

7^/10

Malware Config

Targets

- Target
  
  Document_772-998.scr
- Size
  
  19KB
- MD5
  
  833f2bf90ca2e44883a6c92c538e2da2
- SHA1
  
  bbf0ae00e90fd09cd156ab19e31e33024737cd41
- SHA256
  
  0d28d2dff106109c2510c2c4ea74432d5927c51f5a464961cddc60331ad79ab7
- SHA512
  
  5cf0c2c11aa10c7cc1dcc53613fd4b8f344d97cccf42bb0e67449381aed34e5afa4ed67922b41b9a91e0df97acf4aea06a2b979217e7eef2abed388d4ddb4fa7
- SSDEEP
  
  192:mwSjynYPlAEunDY2qmilXyzSXR1Rpw1oynFQ9Nk7l6p1V+yd6XslAhseCEmR3qEx:mwSmnYWhY2RYA1zQ3TuNE
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2