5b8088c02e1d234ac5c836a2396c9b2188724d02c54618d756524cdc930f985c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

637b2a4316a41eaddb0d572dbc0b092b
Size

2.0MB
Sample

240117-yslyssecf4
MD5

637b2a4316a41eaddb0d572dbc0b092b
SHA1

258826ab86b514a54582148539f1bea3ba4d14b4
SHA256

5b8088c02e1d234ac5c836a2396c9b2188724d02c54618d756524cdc930f985c
SHA512

865149482b8c923563e371e44da32e419133725d2fa62d3f6d1ffc27edb59067bf110ffb8fd1a663c67643788f7c2ede60b3692c2bc70082e40e6a6cd7325e15
SSDEEP

49152:6kcWaS7NUKJSYI7FkKDBiq+k1QJ5ejc9Pz6Pz6PzScOU7m6YvS:v5VNUKhiF1DBiq+pfejIr6r6r5OU7cS

Score

7^/10

Malware Config

Targets

- Target
  
  637b2a4316a41eaddb0d572dbc0b092b
- Size
  
  2.0MB
- MD5
  
  637b2a4316a41eaddb0d572dbc0b092b
- SHA1
  
  258826ab86b514a54582148539f1bea3ba4d14b4
- SHA256
  
  5b8088c02e1d234ac5c836a2396c9b2188724d02c54618d756524cdc930f985c
- SHA512
  
  865149482b8c923563e371e44da32e419133725d2fa62d3f6d1ffc27edb59067bf110ffb8fd1a663c67643788f7c2ede60b3692c2bc70082e40e6a6cd7325e15
- SSDEEP
  
  49152:6kcWaS7NUKJSYI7FkKDBiq+k1QJ5ejc9Pz6Pz6PzScOU7m6YvS:v5VNUKhiF1DBiq+pfejIr6r6r5OU7cS
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2