1f5586f2ecac999b24e7da82d351633dfb8ffbb329646c8d2825e6d5c998ddbe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f5586f2ecac999b24e7da82d351633dfb8ffbb329646c8d2825e6d5c998ddbe
Size

1.1MB
Sample

231225-q8lc7sfdg4
MD5

7b70f7b9019c8817ad251925804c464b
SHA1

d037d654a93109c5af7cfb14e78634780c3d875e
SHA256

1f5586f2ecac999b24e7da82d351633dfb8ffbb329646c8d2825e6d5c998ddbe
SHA512

79a9d2fac913d386adb1478aa272605ab3c76e67b7b701eaabb1db1a85b64c9cc840c98262f911a61279c0a0bd554380db9651a4fdbe62cdef95ef08dcf98466
SSDEEP

24576:gRW3N/0f/oAPoRBchI5anfOlAUAi1K6oElG4lBujFAvCyR2:g5ApamAUAQ/lG4lBmFAvZ2

Score

7^/10

Malware Config

Targets

- Target
  
  1f5586f2ecac999b24e7da82d351633dfb8ffbb329646c8d2825e6d5c998ddbe
- Size
  
  1.1MB
- MD5
  
  7b70f7b9019c8817ad251925804c464b
- SHA1
  
  d037d654a93109c5af7cfb14e78634780c3d875e
- SHA256
  
  1f5586f2ecac999b24e7da82d351633dfb8ffbb329646c8d2825e6d5c998ddbe
- SHA512
  
  79a9d2fac913d386adb1478aa272605ab3c76e67b7b701eaabb1db1a85b64c9cc840c98262f911a61279c0a0bd554380db9651a4fdbe62cdef95ef08dcf98466
- SSDEEP
  
  24576:gRW3N/0f/oAPoRBchI5anfOlAUAi1K6oElG4lBujFAvCyR2:g5ApamAUAQ/lG4lBmFAvZ2
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2