c19d26709f78fab08e7b40e9ca8d2ba620d60e5869439a82139d2b3737e60047 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c19d26709f78fab08e7b40e9ca8d2ba620d60e5869439a82139d2b3737e60047
Size

205KB
Sample

230607-vmvf7sdd25
MD5

01072d9a593853e895a44c2c12de8d45
SHA1

a0c77a462563a24e5fef255687a568c24b14ffe9
SHA256

c19d26709f78fab08e7b40e9ca8d2ba620d60e5869439a82139d2b3737e60047
SHA512

be1fb644adc85480b75caa04e481a23d90c392f9c804977caf1910ed3f9c1a845d1f8ae90c7bca54d8dbf1a2fef7c51c8bc1e5e0b930b5648b7cec15f440193f
SSDEEP

3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij

Score

7^/10

Malware Config

Targets

- Target
  
  c19d26709f78fab08e7b40e9ca8d2ba620d60e5869439a82139d2b3737e60047
- Size
  
  205KB
- MD5
  
  01072d9a593853e895a44c2c12de8d45
- SHA1
  
  a0c77a462563a24e5fef255687a568c24b14ffe9
- SHA256
  
  c19d26709f78fab08e7b40e9ca8d2ba620d60e5869439a82139d2b3737e60047
- SHA512
  
  be1fb644adc85480b75caa04e481a23d90c392f9c804977caf1910ed3f9c1a845d1f8ae90c7bca54d8dbf1a2fef7c51c8bc1e5e0b930b5648b7cec15f440193f
- SSDEEP
  
  3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1