dc0bba54dc123ee0d029d0b7cfb2cbd0666417203cad460d9d42a60a0e736bcf | Triage

Sharing

General

Target

pharmacy_3_0_160808.exe
Size

17.9MB
Sample

230614-p5a8dshc26
MD5

e075a2ae385e716722636d43deba48a5
SHA1

8bbde4c30a63dce4f27da9a95f950bee9022da3e
SHA256

dc0bba54dc123ee0d029d0b7cfb2cbd0666417203cad460d9d42a60a0e736bcf
SHA512

3b643a02729fc43291278b59cb847ca993083aac676b94499a4f6aef5ca3e7ce4ea1e125c7523a4b1d448fb3762386dbd9cffa5f76e0417100a3d1bdc4a11baf
SSDEEP

393216:qBLmbGbT1uyHwb5TZgfGbrw4s/fxCS9PZv6GPdo/hJS+5lixTmmQTq5lAW:8miVuywbcgrw4u5bZS0mNlcSiXAW

Score

7^/10

Malware Config

Targets

- Target
  
  pharmacy_3_0_160808.exe
- Size
  
  17.9MB
- MD5
  
  e075a2ae385e716722636d43deba48a5
- SHA1
  
  8bbde4c30a63dce4f27da9a95f950bee9022da3e
- SHA256
  
  dc0bba54dc123ee0d029d0b7cfb2cbd0666417203cad460d9d42a60a0e736bcf
- SHA512
  
  3b643a02729fc43291278b59cb847ca993083aac676b94499a4f6aef5ca3e7ce4ea1e125c7523a4b1d448fb3762386dbd9cffa5f76e0417100a3d1bdc4a11baf
- SSDEEP
  
  393216:qBLmbGbT1uyHwb5TZgfGbrw4s/fxCS9PZv6GPdo/hJS+5lixTmmQTq5lAW:8miVuywbcgrw4u5bZS0mNlcSiXAW
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2