4d9d9db2421607fc049f08028923630f58037812cbdde86482fd7c88b7705b51 | Triage

Sharing

General

Target

06659904a294fcf214b10d1504d3c239
Size

1.4MB
Sample

231225-fkm7sacdh6
MD5

06659904a294fcf214b10d1504d3c239
SHA1

4af1207d335482b488207d302dbe01d577af9d00
SHA256

4d9d9db2421607fc049f08028923630f58037812cbdde86482fd7c88b7705b51
SHA512

c8f44fd12a3ae026528c24d38f46132bfb2ed924959bf0f09e9f7ab357768c8f1fe0ad446e3a6a9ba99ebdf453919939c5ffda5c183b99b8900cf980ffd537e7
SSDEEP

24576:ZqqGdInbABQsPjur3LFFPLrR5vK73gdAijQcFFTg9MUYdteQIrkT708kH3cXJZU:9Gs8BQaaLpFPXri73geijQcFFm6rok3u

Score

7^/10

Malware Config

Targets

- Target
  
  DNF战马0806A【全屏秒杀+超级倍功】.exe
- Size
  
  1.5MB
- MD5
  
  edda6be08f15c7a1136ef79b4282c3a7
- SHA1
  
  338d48e4397e6c18dfc64e498658fd686f798c2a
- SHA256
  
  c397c2837bfe13770201caa2c508073cbdfd8095593e560c62d1f52a69bd19ce
- SHA512
  
  37ffa5711c538ddb125de0bd877bc6964c3408dd3396898be686ba70991f8d35833eba3929a650d09a1c3aefbcd9eccb3e1be039b93a1b008a9f75e8b94378e5
- SSDEEP
  
  24576:DkWAAuqR/mHIvV+2FuxJDtwziDIOlS8TXbED7ZJC08epMCKD8KlJoxN4pEyV6sJs:DMovQxxJDo+IOlHXOiYpGQKESsmNRe
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2