205123268468fd206ef6cea6a05247bb216714b7973f922bde71141ef8c7e96d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Win32.DropperX-gen.16140.24571.exe
Size

1.9MB
Sample

231012-vatzxacb9s
MD5

1211d0d152c62ccfa12aa70242fea748
SHA1

eaef6cd943cefd9a06343f8f94fcb1adc5728cb5
SHA256

205123268468fd206ef6cea6a05247bb216714b7973f922bde71141ef8c7e96d
SHA512

331f31ff3337f6ea2c80ee4fd9ea69a70c864dc004bcbc7fe531d481ac114657825ccafc275803caa8b1d4361f9d4df8163af1fd38d0db894ce2e3144629dcf6
SSDEEP

49152:xWhlkLBfJXAEXPpxvTvD54ryFrKvygbi5sKvaEKAmC0eJNPhsE7I+wA:xWhl0BfKEBx7vDhG6HDvBKveNZRM+n

Score

7^/10

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Win32.DropperX-gen.16140.24571.exe
- Size
  
  1.9MB
- MD5
  
  1211d0d152c62ccfa12aa70242fea748
- SHA1
  
  eaef6cd943cefd9a06343f8f94fcb1adc5728cb5
- SHA256
  
  205123268468fd206ef6cea6a05247bb216714b7973f922bde71141ef8c7e96d
- SHA512
  
  331f31ff3337f6ea2c80ee4fd9ea69a70c864dc004bcbc7fe531d481ac114657825ccafc275803caa8b1d4361f9d4df8163af1fd38d0db894ce2e3144629dcf6
- SSDEEP
  
  49152:xWhlkLBfJXAEXPpxvTvD54ryFrKvygbi5sKvaEKAmC0eJNPhsE7I+wA:xWhl0BfKEBx7vDhG6HDvBKveNZRM+n
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2