3b7618a381dfc87ed848de250ead19a4711cb0323d33f07548829b0bce8185e5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e89a2d30de94dc47b7ced1561507cabb.exe.vir
Size

720KB
Sample

230604-hwzfasca5v
MD5

e89a2d30de94dc47b7ced1561507cabb
SHA1

a48c0afc516ce5e6ecf543a038680c3fad16586c
SHA256

3b7618a381dfc87ed848de250ead19a4711cb0323d33f07548829b0bce8185e5
SHA512

4baeb36cc37f9f5fa09ca0ac285e8ad46a83d22f0d07051e2f32ad4f78cdb1a0d79db45311bf9eb0d43053ed78e50c2e6e01dcb53de4dbd2d3e795dfd63f84b0
SSDEEP

12288:PuAJi0uVMoJMyoHlfWPZo8KApZIv6QmnIhJ72szWQ7dMJEdj20:Puku56yoYzIv6QmnIhJ727sj20

Score

7^/10

Malware Config

Targets

- Target
  
  e89a2d30de94dc47b7ced1561507cabb.exe.vir
- Size
  
  720KB
- MD5
  
  e89a2d30de94dc47b7ced1561507cabb
- SHA1
  
  a48c0afc516ce5e6ecf543a038680c3fad16586c
- SHA256
  
  3b7618a381dfc87ed848de250ead19a4711cb0323d33f07548829b0bce8185e5
- SHA512
  
  4baeb36cc37f9f5fa09ca0ac285e8ad46a83d22f0d07051e2f32ad4f78cdb1a0d79db45311bf9eb0d43053ed78e50c2e6e01dcb53de4dbd2d3e795dfd63f84b0
- SSDEEP
  
  12288:PuAJi0uVMoJMyoHlfWPZo8KApZIv6QmnIhJ72szWQ7dMJEdj20:Puku56yoYzIv6QmnIhJ727sj20
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2