2d2e603887e75f7437f944099ef06444af6700567e5a94093bc9fd5f094b9b7f | Triage

Sharing

General

Target

blue.exe
Size

304.9MB
Sample

230614-xbn66acf2z
MD5

8196b9fd3b7004fbf420935e959a298a
SHA1

4a010ac5633df4eb46bf5d2c94f80bbcc1b8b975
SHA256

2d2e603887e75f7437f944099ef06444af6700567e5a94093bc9fd5f094b9b7f
SHA512

df3f2fcc1485fa996979d6112cd71f161e9427005c8925a91da8bc668b59db16a77559ebb7305aa71ebb11d21a89d154eff7dc666f5216073d1dbffa8a980b75
SSDEEP

6291456:VJnPDnzeWfercQUEIkvU6qYeUCTtISBdwN5xm+oDhI28IxZiPMWyDjzBgOPxt:VlPjPerc/ErRqYayKwN3GI4ZoMF1Pj

Score

7^/10

Malware Config

Targets

- Target
  
  blue.exe
- Size
  
  304.9MB
- MD5
  
  8196b9fd3b7004fbf420935e959a298a
- SHA1
  
  4a010ac5633df4eb46bf5d2c94f80bbcc1b8b975
- SHA256
  
  2d2e603887e75f7437f944099ef06444af6700567e5a94093bc9fd5f094b9b7f
- SHA512
  
  df3f2fcc1485fa996979d6112cd71f161e9427005c8925a91da8bc668b59db16a77559ebb7305aa71ebb11d21a89d154eff7dc666f5216073d1dbffa8a980b75
- SSDEEP
  
  6291456:VJnPDnzeWfercQUEIkvU6qYeUCTtISBdwN5xm+oDhI28IxZiPMWyDjzBgOPxt:VlPjPerc/ErRqYayKwN3GI4ZoMF1Pj
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2