478c9fe64bea1c76c704765566ddcb53c0f2deae4242699345c045d7ccf06028 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

478c9fe64bea1c76c704765566ddcb53c0f2deae4242699345c045d7ccf06028
Size

207KB
Sample

230608-br59qaag8s
MD5

42a84fee68bc8e3a28760a7134b6eb1b
SHA1

ad2f01323ab01cb71462ce0247f1d8a286cc7d41
SHA256

478c9fe64bea1c76c704765566ddcb53c0f2deae4242699345c045d7ccf06028
SHA512

ca6d16022e908ab0e3d66b4b13306fc8b3d5908c094d5a1890961e4a2559a5e66e828dd6776fe24684ad9f9760e1124d4e2c13ddb3b6e294a02802bf979f55ac
SSDEEP

3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij

Score

7^/10

Malware Config

Targets

- Target
  
  478c9fe64bea1c76c704765566ddcb53c0f2deae4242699345c045d7ccf06028
- Size
  
  207KB
- MD5
  
  42a84fee68bc8e3a28760a7134b6eb1b
- SHA1
  
  ad2f01323ab01cb71462ce0247f1d8a286cc7d41
- SHA256
  
  478c9fe64bea1c76c704765566ddcb53c0f2deae4242699345c045d7ccf06028
- SHA512
  
  ca6d16022e908ab0e3d66b4b13306fc8b3d5908c094d5a1890961e4a2559a5e66e828dd6776fe24684ad9f9760e1124d4e2c13ddb3b6e294a02802bf979f55ac
- SSDEEP
  
  3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1