d37779e16a92da7bd05eae50c64b36e2e2022eb441382be686fda4dbd1800e90 | Triage

Sharing

General

Target

d37779e16a92da7bd05eae50c64b36e2e2022eb441382be686fda4dbd1800e90
Size

538KB
Sample

231201-2cndgage7y
MD5

524665cc265015fcc38888f65e756f56
SHA1

f17590f677f27ad46f1545de2be7c1ad133fe669
SHA256

d37779e16a92da7bd05eae50c64b36e2e2022eb441382be686fda4dbd1800e90
SHA512

fe0dc1fae3ff90cf06ee803e41978b7f1a411ff55a1cce06f6e6b25959a3d5405613100954133aebdd06d01c75027d910e71abe2fd9aa560fd1bd1b3db9e9cfa
SSDEEP

12288:nWjOc6h5CDNT940FEPxTbS0qznfemAyAaJP36sFrkx5p7LZh:kcQDNTJFEPZBqznmmAyAah36sFgx5pZh

Score

7^/10

Malware Config

Targets

- Target
  
  WindowsCodecs.dll
- Size
  
  10KB
- MD5
  
  c7b906017453f3ce54da40a98c1a55ab
- SHA1
  
  5b9121f627af1b308c31f6a4711621738b09044b
- SHA256
  
  47074a6d033966d07e4587705401533ad6c5fa2b11303c520a37999337d1a1eb
- SHA512
  
  51a6cc86f5968f5b6badc4283eb2405e4d6f4ff3f7e58dcd6283d81bfef56f1a0cfcdc0dc7378a3daac6ae74e2e9f5c5290a223b51d3890bfc61431988dc4180
- SSDEEP
  
  96:VBFdaEA1lrAcH5ocDxoouJo4rvPhZJOu6sQRB0GyURTzSDQrO7V:LaEuZfDaJ/hEBZBcQrU
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  calc.cmd
- Size
  
  1KB
- MD5
  
  d457ed0b51ba58273b024d449387f162
- SHA1
  
  60bf619ed079ca310a5c426d2d7ce52c5d879647
- SHA256
  
  595590fdfa9618b7f7aab5b8795f9336d71c8918f60aa88dce5d4b07c7071a5a
- SHA512
  
  3996849f9ca799be6d42c41ae9634e7b282fccf4a366756015e5f16b0e76c941189fd65776ef9bdf51b6faa3536bb4f0d27ec09552dd5a02834ed214d3beffcf
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral3 behavioral4
- Target
  
  war
- Size
  
  79KB
- MD5
  
  b66cb10e6adc64faf3269e0af489ed38
- SHA1
  
  fcaf99d63fab1290c63d664c79925ee83e8193c2
- SHA256
  
  8cc664ff412fc80485d0af61fb0617f818d37776e5a06b799f74fe0179b31768
- SHA512
  
  4c95d0eb98af70e6f4628d638b3e24a7afb7d6c4d8f63af7026105c9cc5d53cd7e9f39fa8f0544fd7f987185d6cdfb7778be3a1b533674c438ee9ac898eec26e
- SSDEEP
  
  1536:G3YdNXvfwTHcob3NcSp9e9CinEPDpyXqE45lgSBIYYdB9B1HInCVqkUAecHj:LvgTb3W0ghocXqh5O7jB9BaCsqTD
Score

1^/10
behavioral5 behavioral6
- Target
  
  war.docx
- Size
  
  85KB
- MD5
  
  31abd32ee945d702a092b6646b29012f
- SHA1
  
  b39f30aeeaa48da28242986f895b3ce37af530c8
- SHA256
  
  1f4792dadaf346969c5e4870a01629594b6c371de21f8635c95aa6aba24ef24c
- SHA512
  
  fde9bbcc701155d72e92fb2657ac4ba1825ee3547c7b61a7ea1c407206927caffc34e6fd202888318ce8baafe46f88f06ad0fe3a8c881ff0c7155dafd11bd789
- SSDEEP
  
  1536:JMpzt4de493JxXKIUYRQprRHRMY3OoipRWUMp96LMKDniNRW:JMVt4dR3JxXRrQXRkHNMv6LMKDniTW
Score

4^/10
behavioral7 behavioral8
- Target
  
  war .EXE
- Size
  
  897KB
- MD5
  
  10e4a1d2132ccb5c6759f038cdb6f3c9
- SHA1
  
  42d36eeb2140441b48287b7cd30b38105986d68f
- SHA256
  
  c6a91cba00bf87cdb064c49adaac82255cbec6fdd48fd21f9b3b96abf019916b
- SHA512
  
  9bd44afb164ab3e09a784c765cd03838d2e5f696c549fc233eb5a69cada47a8e1fb62095568cb272a80da579d9d0e124b1c27cf61bb2ac8cf6e584a722d8864d
- SSDEEP
  
  12288:MK8SOR3VRbImnDKxohj+5Q/oln46ucaOfRr5AWHeGL7GOK:MKm3MgDKGhC5GYLuca6LDod
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral10 behavioral9
- Target
  
  war.docx
- Size
  
  85KB
- MD5
  
  31abd32ee945d702a092b6646b29012f
- SHA1
  
  b39f30aeeaa48da28242986f895b3ce37af530c8
- SHA256
  
  1f4792dadaf346969c5e4870a01629594b6c371de21f8635c95aa6aba24ef24c
- SHA512
  
  fde9bbcc701155d72e92fb2657ac4ba1825ee3547c7b61a7ea1c407206927caffc34e6fd202888318ce8baafe46f88f06ad0fe3a8c881ff0c7155dafd11bd789
- SSDEEP
  
  1536:JMpzt4de493JxXKIUYRQprRHRMY3OoipRWUMp96LMKDniNRW:JMVt4dR3JxXRrQXRkHNMv6LMKDniTW
Score

4^/10
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12