e03b2c5eaa74d06115b8355fa235e0560efe3565449006d0892bced442d40001 | Triage

Sharing

General

Target

37d20c6251eb2841b8f786118163068b
Size

655KB
Sample

231231-qmb8eadaa5
MD5

37d20c6251eb2841b8f786118163068b
SHA1

0ddcde28c97b691ead8c7a4fc663daef21af1768
SHA256

e03b2c5eaa74d06115b8355fa235e0560efe3565449006d0892bced442d40001
SHA512

bb94c06ec3b0de25bb93ef9c9ed8d2d28f7e2e3550810b81bf2d903c7001e0afd1f92a4af2a0b717f059ba36a2c1d1ad47a62fe29a88c05f36022a0b9b8f8a53
SSDEEP

12288:IojBt6WnTwGPKZqk47F6NRYUOoFv128d/nLETwFbs9sCaNlTMfSsrL+IvRS:tjBt66TwGPoqkHkiggb8sCaN9MxL+IvY

Score

8^/10

Malware Config

Targets

- Target
  
  37d20c6251eb2841b8f786118163068b
- Size
  
  655KB
- MD5
  
  37d20c6251eb2841b8f786118163068b
- SHA1
  
  0ddcde28c97b691ead8c7a4fc663daef21af1768
- SHA256
  
  e03b2c5eaa74d06115b8355fa235e0560efe3565449006d0892bced442d40001
- SHA512
  
  bb94c06ec3b0de25bb93ef9c9ed8d2d28f7e2e3550810b81bf2d903c7001e0afd1f92a4af2a0b717f059ba36a2c1d1ad47a62fe29a88c05f36022a0b9b8f8a53
- SSDEEP
  
  12288:IojBt6WnTwGPKZqk47F6NRYUOoFv128d/nLETwFbs9sCaNlTMfSsrL+IvRS:tjBt66TwGPoqkHkiggb8sCaN9MxL+IvY
Score

8^/10
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2