2de18b924e036cf14a68b6e99a4074ecc40f24800bd9c9f0c8753ccc4e45d30c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

约翰迪尔融资租赁有限公司.bmp.zip
Size

44KB
Sample

240125-htw76aaff6
MD5

05af47b394b49a8ebfea3ba66181596b
SHA1

cad00fc19a8424984f1535383e9f1bbd105e6594
SHA256

2de18b924e036cf14a68b6e99a4074ecc40f24800bd9c9f0c8753ccc4e45d30c
SHA512

3b84eed1a6d734ff567c4b7bd10920f25e471761ab3a97ef9a67fff57704ef9179b46335d47ba10bc1a6716a5a40497e1d5c2d6814587e647e40ff0577b65d33
SSDEEP

768:nO54JPI7mnQhJGh6+LO1YHPRMWkacjmmq/Ld/4XnwjeDj7DF3uWxTgV:nOyPghJGh5LBJYaV7zJ4XnwyDjN3nQ

Score

7^/10

Malware Config

Targets

- Target
  
  约翰迪尔融资租赁有限公司.bmp
- Size
  
  1.9MB
- MD5
  
  0c82b65faf383bfc67c9e78c074f34ab
- SHA1
  
  b902acf84344894ef9f4267d1622297e3a3bcc2b
- SHA256
  
  1fbfd71dd3e01fbc430819c0d0e7057033a9ba996827da9c20d35234d3bb17e9
- SHA512
  
  6fd52f3885489145ff4d9ef6218fa18b338f573f9dcfe0386556366b162f50d98b451be103d9133f7a5555b9825adb9e51bc0062c319a46337b4eaf3ca26af45
- SSDEEP
  
  1536:8pobi/CKreZvXQ/v/fYJy0SE0+tVWdl3EwaDN6M21IdPMHlHE8hPzkOoY0ge/v/f:5
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2