4a4fcee49d16a8ee86bc64e2ec0aa3307e7eca1e26e79d01d5510fa52d5f69c1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b5fbc2d90c61ba6755dbedfb28201b7
Size

15KB
Sample

231219-p8bnbshcap
MD5

2b5fbc2d90c61ba6755dbedfb28201b7
SHA1

de4e13742b6bc30be60aa732ff22a1a2a34fc55a
SHA256

4a4fcee49d16a8ee86bc64e2ec0aa3307e7eca1e26e79d01d5510fa52d5f69c1
SHA512

8e0ff7c6fd03dabded556cb9ed0c0ba18be5375d1bd7ce1338d9af1c561bbcb85b4a5e7ee98014fc4f41d677612973116a848faef2d49b62f5e7499491a3c7e6
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYyh6f:hDXWipuE+K3/SSHgxmyh6f

Score

7^/10

Malware Config

Targets

- Target
  
  2b5fbc2d90c61ba6755dbedfb28201b7
- Size
  
  15KB
- MD5
  
  2b5fbc2d90c61ba6755dbedfb28201b7
- SHA1
  
  de4e13742b6bc30be60aa732ff22a1a2a34fc55a
- SHA256
  
  4a4fcee49d16a8ee86bc64e2ec0aa3307e7eca1e26e79d01d5510fa52d5f69c1
- SHA512
  
  8e0ff7c6fd03dabded556cb9ed0c0ba18be5375d1bd7ce1338d9af1c561bbcb85b4a5e7ee98014fc4f41d677612973116a848faef2d49b62f5e7499491a3c7e6
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYyh6f:hDXWipuE+K3/SSHgxmyh6f
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2