383039e73c92a8a99307d6c28896ce8e678cfeaacd52f6ab2dcd87ba0d05d5c3 | Triage

Sharing

General

Target

Windows-Build-for-Microsoft-Windows-Developers.exe
Size

100.3MB
Sample

230703-t7g6yaae6w
MD5

3b8447945246a2eb5613000774acf43c
SHA1

af40fabcd5e1e6240e71d46ce5d5c88e2ba87d82
SHA256

383039e73c92a8a99307d6c28896ce8e678cfeaacd52f6ab2dcd87ba0d05d5c3
SHA512

c6b4395d98c633db1dcabb9c923d48fb556cd526a224cf727330e5823a23c7ebf878d97a2c2888939c2540efcfb34295ac170fb44e7e141fa2def685c578d411
SSDEEP

6144:eTouKrWBEu3/Z2lpGDHU3ykJSL7i/yO7zX:eToPWBv/cpGrU3yDL7myu

Score

7^/10

Malware Config

Targets

- Target
  
  Windows-Build-for-Microsoft-Windows-Developers.exe
- Size
  
  100.3MB
- MD5
  
  3b8447945246a2eb5613000774acf43c
- SHA1
  
  af40fabcd5e1e6240e71d46ce5d5c88e2ba87d82
- SHA256
  
  383039e73c92a8a99307d6c28896ce8e678cfeaacd52f6ab2dcd87ba0d05d5c3
- SHA512
  
  c6b4395d98c633db1dcabb9c923d48fb556cd526a224cf727330e5823a23c7ebf878d97a2c2888939c2540efcfb34295ac170fb44e7e141fa2def685c578d411
- SSDEEP
  
  6144:eTouKrWBEu3/Z2lpGDHU3ykJSL7i/yO7zX:eToPWBv/cpGrU3yDL7myu
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2