51c9fed0934c45e9c513b79002312e727eaa8557b4f5b614ac97ee2a39097964 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51c9fed0934c45e9c513b79002312e727eaa8557b4f5b614ac97ee2a39097964
Size

205KB
Sample

230607-vsemyadd74
MD5

97db5acb54ac1dc11ee06c37f1b56c7e
SHA1

a6bb8807fc17e80de6b52073969cb40ddd0b838f
SHA256

51c9fed0934c45e9c513b79002312e727eaa8557b4f5b614ac97ee2a39097964
SHA512

7693663e9bfec08330ed1ce8f4aa61d15bd0508475ceb225aaf9648026fc04151975be928c0661222582198505eec8599edd7297c2cfbeb89ae61825c5ac160a
SSDEEP

3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij

Score

7^/10

Malware Config

Targets

- Target
  
  51c9fed0934c45e9c513b79002312e727eaa8557b4f5b614ac97ee2a39097964
- Size
  
  205KB
- MD5
  
  97db5acb54ac1dc11ee06c37f1b56c7e
- SHA1
  
  a6bb8807fc17e80de6b52073969cb40ddd0b838f
- SHA256
  
  51c9fed0934c45e9c513b79002312e727eaa8557b4f5b614ac97ee2a39097964
- SHA512
  
  7693663e9bfec08330ed1ce8f4aa61d15bd0508475ceb225aaf9648026fc04151975be928c0661222582198505eec8599edd7297c2cfbeb89ae61825c5ac160a
- SSDEEP
  
  3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1