e46c0a07f6772ec6a3d95a2e12e884cc55288e637bdd04766565396837cda7a4 | Triage

Sharing

General

Target

File-PC.Building.Simulator.2.v1.5.17_358638.zip
Size

16.8MB
Sample

231011-m4llmacb55
MD5

412ffce80d4c946339ad85094f51db0d
SHA1

f9f29ca92e11a6d2b8f9029b3aba3ab438552c68
SHA256

e46c0a07f6772ec6a3d95a2e12e884cc55288e637bdd04766565396837cda7a4
SHA512

5df8ed91a85a666189ac4d72145996d72bc86ba2541f1a4221a5a31e0eb241b473ce64fa7b277569a4015ca995de6ccec279f15c8b6a0dc739f333d78b58d768
SSDEEP

393216:NAs83bI3hncNJEtAcD3t7ToO9M3473SRhR4C9hm8Y5j9Y:NZnxXRfXf7CFThc5ZY

Score

8^/10

Malware Config

Targets

- Target
  
  StartSetup_20221.exe
- Size
  
  18.8MB
- MD5
  
  3989246e81005c43b0865655c59d0ece
- SHA1
  
  38ca443935b2f838754350f388c98f83b2715a6d
- SHA256
  
  d4a504a3b826fe6195ad48e581501113af45e81863439ad533528635703aad7e
- SHA512
  
  3b2dd3d30810b820ace3f5634d2a1be9e9d660f0bda99c159e0156b47c0997a5363e71a7db24d4f21825a22cf4949ba48e38c707cb49cf9c723202647dad5739
- SSDEEP
  
  393216:m7821FeLhz+Pte1eghZR7FMoTC9c7JaHjfEC/nm2oBNtg:n/9x5pNb7cTpnwBHg
Score

8^/10
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2