b956b4ab30e068f9f6dceeff88ff2afd7655c26c5238ab1050e5fceb8b495d01 | Triage

Sharing

General

Target

b956b4ab30e068f9f6dceeff88ff2afd7655c26c5238ab1050e5fceb8b495d01
Size

1.1MB
Sample

231115-3mqf9afg3y
MD5

b0e7027ec1db1667fe9029151eb71d28
SHA1

6cd71af8f9d3427ae55cddb713c2f3f5acb9a270
SHA256

b956b4ab30e068f9f6dceeff88ff2afd7655c26c5238ab1050e5fceb8b495d01
SHA512

fabd852767fba04f6583671bb560276048044dafefbf4159d55643701d987e735c9c7016ad08a9927e1e93cc496777f1cc64ce6954dfbb425ec9e4bd1077e3f6
SSDEEP

24576:gRW3N/0f/oAPoRBchI5anfOlAUAi1K6oElG4lBujFAvCyRE:g5ApamAUAQ/lG4lBmFAvZE

Score

7^/10

Malware Config

Targets

- Target
  
  b956b4ab30e068f9f6dceeff88ff2afd7655c26c5238ab1050e5fceb8b495d01
- Size
  
  1.1MB
- MD5
  
  b0e7027ec1db1667fe9029151eb71d28
- SHA1
  
  6cd71af8f9d3427ae55cddb713c2f3f5acb9a270
- SHA256
  
  b956b4ab30e068f9f6dceeff88ff2afd7655c26c5238ab1050e5fceb8b495d01
- SHA512
  
  fabd852767fba04f6583671bb560276048044dafefbf4159d55643701d987e735c9c7016ad08a9927e1e93cc496777f1cc64ce6954dfbb425ec9e4bd1077e3f6
- SSDEEP
  
  24576:gRW3N/0f/oAPoRBchI5anfOlAUAi1K6oElG4lBujFAvCyRE:g5ApamAUAQ/lG4lBmFAvZE
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2