d4f8778ffe23a475dc8a831fcc4d82d3e040b47048cd6d990678f7e42775f281 | Triage

Sharing

General

Target

d4f8778ffe23a475dc8a831fcc4d82d3e040b47048cd6d990678f7e42775f281
Size

207KB
Sample

230608-evatrsbh63
MD5

36116e4061142314c5e69c9168bc9f8b
SHA1

331f4bdf94af7e27d133e97a09223b142d5ed9a5
SHA256

d4f8778ffe23a475dc8a831fcc4d82d3e040b47048cd6d990678f7e42775f281
SHA512

be600b3f3fe21fc54fbe50f08aa71ef08cde36eab0af8c2ff0e8c094739acbb9e4044a3ec6de1983e9cc07cab9a9c2150a73c9c33a3792342e1eb19b82037d45
SSDEEP

3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij

Score

7^/10

Malware Config

Targets

- Target
  
  d4f8778ffe23a475dc8a831fcc4d82d3e040b47048cd6d990678f7e42775f281
- Size
  
  207KB
- MD5
  
  36116e4061142314c5e69c9168bc9f8b
- SHA1
  
  331f4bdf94af7e27d133e97a09223b142d5ed9a5
- SHA256
  
  d4f8778ffe23a475dc8a831fcc4d82d3e040b47048cd6d990678f7e42775f281
- SHA512
  
  be600b3f3fe21fc54fbe50f08aa71ef08cde36eab0af8c2ff0e8c094739acbb9e4044a3ec6de1983e9cc07cab9a9c2150a73c9c33a3792342e1eb19b82037d45
- SSDEEP
  
  3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1