b03c5aa603b464798d7cb530551dc8ea2fc5e98e164312da3d4a3cf17a31193f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b03c5aa603b464798d7cb530551dc8ea2fc5e98e164312da3d4a3cf17a31193f
Size

209KB
Sample

230608-v57t9ahb83
MD5

88fef2eee40232fc35a0533a5a49b12f
SHA1

51cd47d1849ede7b5d4616808c4980894070f681
SHA256

b03c5aa603b464798d7cb530551dc8ea2fc5e98e164312da3d4a3cf17a31193f
SHA512

1329ff661853e2d5062e00227f2666e00aea2ede105f00c77cb817acfd417f16ec0e43fc1de9f33cb4cfa178c90301928e07b63915a8ab8b6d5dc6c82855ef1b
SSDEEP

3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij

Score

7^/10

Malware Config

Targets

- Target
  
  b03c5aa603b464798d7cb530551dc8ea2fc5e98e164312da3d4a3cf17a31193f
- Size
  
  209KB
- MD5
  
  88fef2eee40232fc35a0533a5a49b12f
- SHA1
  
  51cd47d1849ede7b5d4616808c4980894070f681
- SHA256
  
  b03c5aa603b464798d7cb530551dc8ea2fc5e98e164312da3d4a3cf17a31193f
- SHA512
  
  1329ff661853e2d5062e00227f2666e00aea2ede105f00c77cb817acfd417f16ec0e43fc1de9f33cb4cfa178c90301928e07b63915a8ab8b6d5dc6c82855ef1b
- SSDEEP
  
  3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1