fbd567c08b493a4c406fcd4d9a6d7403dc572f9b4c50fc4a56d37982c25dc457 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1487614467_2491942d8cd5807cd4615a07ad26a54a.virus.bin
Size

670KB
Sample

231128-hkvyqsga2y
MD5

2491942d8cd5807cd4615a07ad26a54a
SHA1

af42866f0a4fbd9d481a845120cadb1dbad289d1
SHA256

fbd567c08b493a4c406fcd4d9a6d7403dc572f9b4c50fc4a56d37982c25dc457
SHA512

4d13c43f334336639c767b5a9a61f1b1154a319646c7d0948cbbc8309fce5f851c96efb25c76da9c3dfa7b4b6ba4348294ab1236f84de8bc78a7937b5244b414
SSDEEP

12288:y2063nrFLBPTUqFqtEyAkH+snjm+mnWQqOWESZ9:y2063ZFrIjm+gW3OWrZ9

Score

7^/10

Malware Config

Targets

- Target
  
  1487614467_2491942d8cd5807cd4615a07ad26a54a.virus.bin
- Size
  
  670KB
- MD5
  
  2491942d8cd5807cd4615a07ad26a54a
- SHA1
  
  af42866f0a4fbd9d481a845120cadb1dbad289d1
- SHA256
  
  fbd567c08b493a4c406fcd4d9a6d7403dc572f9b4c50fc4a56d37982c25dc457
- SHA512
  
  4d13c43f334336639c767b5a9a61f1b1154a319646c7d0948cbbc8309fce5f851c96efb25c76da9c3dfa7b4b6ba4348294ab1236f84de8bc78a7937b5244b414
- SSDEEP
  
  12288:y2063nrFLBPTUqFqtEyAkH+snjm+mnWQqOWESZ9:y2063ZFrIjm+gW3OWrZ9
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2