2903657263c3670e4d0ce60bac9a90c63400e365e8e0349b536473bbfcbd51ed | Triage

Sharing

General

Target

8526b8f067b859b6664b8b45f0d1dd17940515b5f7a6e85eef5013fe6c678afa.exe.zip
Size

3.4MB
Sample

231231-bcxn2adag2
MD5

f286da1bd878ffbdedd7fb224fc8b502
SHA1

0691c11eee3913080ea66550e5ebec0be6e9f1ac
SHA256

2903657263c3670e4d0ce60bac9a90c63400e365e8e0349b536473bbfcbd51ed
SHA512

46afc705679ea591ae4e9a76ddc79d2d83ae9ac3e89305506f05d883e7766c77d0fa0e937c86854c1ef690da8fc90696eda54277e8263ad5ac320f49c4482ae7
SSDEEP

98304:q2Ek7trXvFqOwNZpvyYSfUeKt2hurZv2zpI2:q2Ek7xvcO6qYheKt2hzB

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  8526b8f067b859b6664b8b45f0d1dd17940515b5f7a6e85eef5013fe6c678afa.exe
- Size
  
  3.8MB
- MD5
  
  91f48db9e99e6c6244d1b9fe09457cff
- SHA1
  
  5b7875bed9ebeda5c062ff27b551f80fbff860a3
- SHA256
  
  8526b8f067b859b6664b8b45f0d1dd17940515b5f7a6e85eef5013fe6c678afa
- SHA512
  
  42a897869b1e669f6e773f478e94dee79ba00fb9a10a07a8a290d6e38b739e28bddb0e9d718efe059df0ce87069d0082dd669e9f2b976d31cad0ba0d7b1b4c0b
- SSDEEP
  
  98304:XS3aG0qGL02DkJqOwhl7/CgqiN17zqyHHX:BNL02gJ+l7/Cf+7zVHX
Score

8^/10

evasion
- Stops running service(s)
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

behavioral2