2159bfb9b83d80708a9b4a81666ff2ac76c82c4d50dc94c02086e9383a8df958 | Triage

Sharing

General

Target

408355a0a90beebb6637719830b41ee5
Size

186KB
Sample

231225-2g3c7abbdq
MD5

408355a0a90beebb6637719830b41ee5
SHA1

2d479e6e65c53e5615c8420aee9309c5bea108e0
SHA256

2159bfb9b83d80708a9b4a81666ff2ac76c82c4d50dc94c02086e9383a8df958
SHA512

a18fb0fe9dfb2b4d1435300c5c31fd3a5faa55b0c90e2e84b1e7aaa9fb5680a707e3989279240d3b67d81ebb63a26b3b84f06095989aabe82e9435f6ebea93cd
SSDEEP

3072:7X7DItrfaocyTgfsqQOlJGa/UCAVa7zpBYQar3FT6rPxlivJE1uAKvsNLIkcZCsc:7saocyLCG8AVa7YL1eLxYO1DKUNL6N7g

Score

7^/10

Malware Config

Targets

- Target
  
  408355a0a90beebb6637719830b41ee5
- Size
  
  186KB
- MD5
  
  408355a0a90beebb6637719830b41ee5
- SHA1
  
  2d479e6e65c53e5615c8420aee9309c5bea108e0
- SHA256
  
  2159bfb9b83d80708a9b4a81666ff2ac76c82c4d50dc94c02086e9383a8df958
- SHA512
  
  a18fb0fe9dfb2b4d1435300c5c31fd3a5faa55b0c90e2e84b1e7aaa9fb5680a707e3989279240d3b67d81ebb63a26b3b84f06095989aabe82e9435f6ebea93cd
- SSDEEP
  
  3072:7X7DItrfaocyTgfsqQOlJGa/UCAVa7zpBYQar3FT6rPxlivJE1uAKvsNLIkcZCsc:7saocyLCG8AVa7YL1eLxYO1DKUNL6N7g
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2