839e662805115f0caf7322753b49c9864b27d562fdbe329454aa54567bb2ed3e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04b17e91f513014084743f8da38f0e21
Size

655KB
Sample

231225-et2k4agad3
MD5

04b17e91f513014084743f8da38f0e21
SHA1

2865ceaee5dc427134925bf2ab05fb9a3f1c63b7
SHA256

839e662805115f0caf7322753b49c9864b27d562fdbe329454aa54567bb2ed3e
SHA512

356529fac3290605e52b24dc6b1d40ec7d2a2fdcc0b625fef5f2a709c8aa6455cc5e97de0089a83a69679873a4ccabaa94f20069d4aac45fee0e770318052ec8
SSDEEP

12288:dslLOaBXHXgWN+LXfWP5VoaPKfcE2OjSTJVZMOvNb/1oLf:kmWN+rWcaPKhmiWNb1oLf

Score

7^/10

Malware Config

Targets

- Target
  
  04b17e91f513014084743f8da38f0e21
- Size
  
  655KB
- MD5
  
  04b17e91f513014084743f8da38f0e21
- SHA1
  
  2865ceaee5dc427134925bf2ab05fb9a3f1c63b7
- SHA256
  
  839e662805115f0caf7322753b49c9864b27d562fdbe329454aa54567bb2ed3e
- SHA512
  
  356529fac3290605e52b24dc6b1d40ec7d2a2fdcc0b625fef5f2a709c8aa6455cc5e97de0089a83a69679873a4ccabaa94f20069d4aac45fee0e770318052ec8
- SSDEEP
  
  12288:dslLOaBXHXgWN+LXfWP5VoaPKfcE2OjSTJVZMOvNb/1oLf:kmWN+rWcaPKhmiWNb1oLf
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2