fba96e868077231f053067b363176b085ef55ba3c89bb45c91f2b0fb9231e4d5 | Triage

Sharing

General

Target

AVG_Removal.exe
Size

7.6MB
Sample

230612-s16qaadd4y
MD5

4e1f5a2c65836b1e54fb07461a174fb9
SHA1

dafc99bcedec0c057b1e0f6522a85e2e381751bb
SHA256

fba96e868077231f053067b363176b085ef55ba3c89bb45c91f2b0fb9231e4d5
SHA512

0a0d1967a7835be60f3353fe2ff83257b7a71ae0611fabba9102be36e89dfadf71b413f1612a0ccb1cfbbfffa6a0975fac4ffe8230143fb2c0698e148070b771
SSDEEP

196608:iniwpCSa5vFwvAmcyFc7KACVulSigNWLxkli/QKZrS:inuyAmGhWuGOv/dm

Score

7^/10

Malware Config

Targets

- Target
  
  AVG_Removal.exe
- Size
  
  7.6MB
- MD5
  
  4e1f5a2c65836b1e54fb07461a174fb9
- SHA1
  
  dafc99bcedec0c057b1e0f6522a85e2e381751bb
- SHA256
  
  fba96e868077231f053067b363176b085ef55ba3c89bb45c91f2b0fb9231e4d5
- SHA512
  
  0a0d1967a7835be60f3353fe2ff83257b7a71ae0611fabba9102be36e89dfadf71b413f1612a0ccb1cfbbfffa6a0975fac4ffe8230143fb2c0698e148070b771
- SSDEEP
  
  196608:iniwpCSa5vFwvAmcyFc7KACVulSigNWLxkli/QKZrS:inuyAmGhWuGOv/dm
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2