fa7c31b35b9eb5eda5cdbd72daabf06428f6eb34052dbcf6da55170fd1f7ae7b | Triage

Sharing

General

Target

metado.exe
Size

205KB
Sample

230529-kq4h6sbd3v
MD5

6eceb39665d130612d9fd2c973a8f686
SHA1

2e67a174f9ca6c10adbf229313f98ed0cb42df59
SHA256

fa7c31b35b9eb5eda5cdbd72daabf06428f6eb34052dbcf6da55170fd1f7ae7b
SHA512

120f0c4a319dac06b012950d3e39edbc6f931625516a65110a278846a1001f09f42a819198a0bfb0bd364da46697b877fde8ee0b04f19adfaa463248ab54f4ea
SSDEEP

3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj

Score

7^/10

Malware Config

Targets

- Target
  
  metado.exe
- Size
  
  205KB
- MD5
  
  6eceb39665d130612d9fd2c973a8f686
- SHA1
  
  2e67a174f9ca6c10adbf229313f98ed0cb42df59
- SHA256
  
  fa7c31b35b9eb5eda5cdbd72daabf06428f6eb34052dbcf6da55170fd1f7ae7b
- SHA512
  
  120f0c4a319dac06b012950d3e39edbc6f931625516a65110a278846a1001f09f42a819198a0bfb0bd364da46697b877fde8ee0b04f19adfaa463248ab54f4ea
- SSDEEP
  
  3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2