8c28c791c7fb3d51619c3301068008225d13b2a9b1e080ffa85d7f34cdb2b665 | Triage

Sharing

General

Target

metado.exe
Size

212KB
Sample

230601-fsgd7sdb4y
MD5

61775e71ab7eea1eea28aa662ab7b637
SHA1

c0683c7db50b9de84325904d588b7dbc4e8110a7
SHA256

8c28c791c7fb3d51619c3301068008225d13b2a9b1e080ffa85d7f34cdb2b665
SHA512

7ed7f1c9ea4d48e8ba770023f2b4938bc8a2ac5560721c0fcc04eec1b052c9388be9cea46b686217b7a9345d1cccd696c14317c3dbaf02a6362b3dcb102e0a81
SSDEEP

3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj

Score

7^/10

Malware Config

Targets

- Target
  
  metado.exe
- Size
  
  212KB
- MD5
  
  61775e71ab7eea1eea28aa662ab7b637
- SHA1
  
  c0683c7db50b9de84325904d588b7dbc4e8110a7
- SHA256
  
  8c28c791c7fb3d51619c3301068008225d13b2a9b1e080ffa85d7f34cdb2b665
- SHA512
  
  7ed7f1c9ea4d48e8ba770023f2b4938bc8a2ac5560721c0fcc04eec1b052c9388be9cea46b686217b7a9345d1cccd696c14317c3dbaf02a6362b3dcb102e0a81
- SSDEEP
  
  3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2