e90f2446257fe800d9717bba35490895588d861bbd6aff6c69919a1dd201253b | Triage

Sharing

General

Target

535ded1ac6be8b4229c473b7dd2fd409
Size

2.5MB
Sample

240111-ncppmsegal
MD5

535ded1ac6be8b4229c473b7dd2fd409
SHA1

9aca7d3f67d5689770a929e3acdf5d83984535bd
SHA256

e90f2446257fe800d9717bba35490895588d861bbd6aff6c69919a1dd201253b
SHA512

3dc79a18d806d9b4e7985caaf1013110a37a9b78ad98332455345aa359b6ca5172d7fa1aa591f9c9cdd9e75f84e3bd0db7df6add43fb6e13bb976702c9fc0cf0
SSDEEP

49152:oky796EvMtTx435MtV+Oj29Ls3t/cwCxHHlc2KP1z8o/MO2Uqed3yBI1r6:o7AEvgVOy29Ls3JslVYzjMO26i1

Score

7^/10

Malware Config

Targets

- Target
  
  535ded1ac6be8b4229c473b7dd2fd409
- Size
  
  2.5MB
- MD5
  
  535ded1ac6be8b4229c473b7dd2fd409
- SHA1
  
  9aca7d3f67d5689770a929e3acdf5d83984535bd
- SHA256
  
  e90f2446257fe800d9717bba35490895588d861bbd6aff6c69919a1dd201253b
- SHA512
  
  3dc79a18d806d9b4e7985caaf1013110a37a9b78ad98332455345aa359b6ca5172d7fa1aa591f9c9cdd9e75f84e3bd0db7df6add43fb6e13bb976702c9fc0cf0
- SSDEEP
  
  49152:oky796EvMtTx435MtV+Oj29Ls3t/cwCxHHlc2KP1z8o/MO2Uqed3yBI1r6:o7AEvgVOy29Ls3JslVYzjMO26i1
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2