112b087dde6e6cc7e5728f7e4e375b67df931f9273d16a2c3fc151d1360184f5 | Triage

Sharing

General

Target

112b087dde6e6cc7e5728f7e4e375b67df931f9273d16a2c3fc151d1360184f5
Size

4.6MB
Sample

231012-hlvdlaeg33
MD5

cc7f34934623644c7c342a25c11af3d6
SHA1

69cdf705f8a9f2c6189801f9e1a0fe36721d5065
SHA256

112b087dde6e6cc7e5728f7e4e375b67df931f9273d16a2c3fc151d1360184f5
SHA512

c155ac420c58df2f1699301c82a3707576a93db2716acdef4035171afdd7fd7a0ceb633f9575d14c061437875cf7db9cbd6c6a8f267357b40bbf01c8648f571d
SSDEEP

98304:jcOxoa2orK2t+GwVbqTUwgNFU60dfKdzOJDb4v+:HoZpNFU604wN0v+

Score

8^/10

Malware Config

Targets

- Target
  
  112b087dde6e6cc7e5728f7e4e375b67df931f9273d16a2c3fc151d1360184f5
- Size
  
  4.6MB
- MD5
  
  cc7f34934623644c7c342a25c11af3d6
- SHA1
  
  69cdf705f8a9f2c6189801f9e1a0fe36721d5065
- SHA256
  
  112b087dde6e6cc7e5728f7e4e375b67df931f9273d16a2c3fc151d1360184f5
- SHA512
  
  c155ac420c58df2f1699301c82a3707576a93db2716acdef4035171afdd7fd7a0ceb633f9575d14c061437875cf7db9cbd6c6a8f267357b40bbf01c8648f571d
- SSDEEP
  
  98304:jcOxoa2orK2t+GwVbqTUwgNFU60dfKdzOJDb4v+:HoZpNFU604wN0v+
Score

8^/10
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2