d5264004990a1ad95476ca9ca31ea7b797d220aa568e8500605e38e5d6726504 | Triage

Sharing

General

Target

d5264004990a1ad95476ca9ca31ea7b797d220aa568e8500605e38e5d6726504
Size

207KB
Sample

230608-gkmrpacg56
MD5

af152164d8ee730a39b57d9a993babb3
SHA1

14d47e8595495e6fcb22a18727094b8d973e14fd
SHA256

d5264004990a1ad95476ca9ca31ea7b797d220aa568e8500605e38e5d6726504
SHA512

72c0a9c4ad75638dca47a531dd4d82f272955535ae82a63d56e263f5b4ee9ef1a0e43bf80d7b665ae3e0082ef17aabe645e62db4e1f50dce0231f7dee0930ae8
SSDEEP

3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij

Score

7^/10

Malware Config

Targets

- Target
  
  d5264004990a1ad95476ca9ca31ea7b797d220aa568e8500605e38e5d6726504
- Size
  
  207KB
- MD5
  
  af152164d8ee730a39b57d9a993babb3
- SHA1
  
  14d47e8595495e6fcb22a18727094b8d973e14fd
- SHA256
  
  d5264004990a1ad95476ca9ca31ea7b797d220aa568e8500605e38e5d6726504
- SHA512
  
  72c0a9c4ad75638dca47a531dd4d82f272955535ae82a63d56e263f5b4ee9ef1a0e43bf80d7b665ae3e0082ef17aabe645e62db4e1f50dce0231f7dee0930ae8
- SSDEEP
  
  3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1