af2a5ff8d610f27d38374cbdcbef850fe2a8a016f0e38728920e1765edf25aee | Triage

Sharing

General

Target

af2a5ff8d610f27d38374cbdcbef850fe2a8a016f0e38728920e1765edf25aee
Size

5.1MB
Sample

240125-t2pzlaagb2
MD5

35d7a6836ccbac676e1cfb5ac91f5271
SHA1

cb5bdcc4e24582426adad790b7352727f9369290
SHA256

af2a5ff8d610f27d38374cbdcbef850fe2a8a016f0e38728920e1765edf25aee
SHA512

677d895bb09eeb0d3d1acab29e9923ef0127c55fb8ce63c0bf9b349930698b709d8367dfd632325fe52a5c952d722f2553f679ac51fcdc7383c970f5601618b3
SSDEEP

98304:KHenYKGxUcl3nT83CwmMbopUKdzOJDb4v+Z:KHrBMsDwN0v+Z

Score

8^/10

Malware Config

Targets

- Target
  
  af2a5ff8d610f27d38374cbdcbef850fe2a8a016f0e38728920e1765edf25aee
- Size
  
  5.1MB
- MD5
  
  35d7a6836ccbac676e1cfb5ac91f5271
- SHA1
  
  cb5bdcc4e24582426adad790b7352727f9369290
- SHA256
  
  af2a5ff8d610f27d38374cbdcbef850fe2a8a016f0e38728920e1765edf25aee
- SHA512
  
  677d895bb09eeb0d3d1acab29e9923ef0127c55fb8ce63c0bf9b349930698b709d8367dfd632325fe52a5c952d722f2553f679ac51fcdc7383c970f5601618b3
- SSDEEP
  
  98304:KHenYKGxUcl3nT83CwmMbopUKdzOJDb4v+Z:KHrBMsDwN0v+Z
Score

8^/10
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2