36e926e4b29dd1f763b9e99518546447ca3afbaaae67861ac27933e5d607be3b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7841911ea47607b89bbe7e560b8db0f4
Size

3.4MB
Sample

240126-ynx59sdcf6
MD5

7841911ea47607b89bbe7e560b8db0f4
SHA1

9389913c6861b9fa5bc4b4621278a81eae4e8fb4
SHA256

36e926e4b29dd1f763b9e99518546447ca3afbaaae67861ac27933e5d607be3b
SHA512

0468dd4bb51ee8842e62fde35d513ea02ddb64fb2a87642ce87fb02af3205d21e758d13b3816fa855eebab9fb4d3ea5e9999c74c87dc4a2b500727764999c5a3
SSDEEP

98304:1DP4rzp9/Bn9EbdY94qRaztW3kOLdCNnXZ4IWhxrnrYNy3R2D:qp1AZY94xpOkXKXhxrs6R4

Score

8^/10

Malware Config

Targets

- Target
  
  7841911ea47607b89bbe7e560b8db0f4
- Size
  
  3.4MB
- MD5
  
  7841911ea47607b89bbe7e560b8db0f4
- SHA1
  
  9389913c6861b9fa5bc4b4621278a81eae4e8fb4
- SHA256
  
  36e926e4b29dd1f763b9e99518546447ca3afbaaae67861ac27933e5d607be3b
- SHA512
  
  0468dd4bb51ee8842e62fde35d513ea02ddb64fb2a87642ce87fb02af3205d21e758d13b3816fa855eebab9fb4d3ea5e9999c74c87dc4a2b500727764999c5a3
- SSDEEP
  
  98304:1DP4rzp9/Bn9EbdY94qRaztW3kOLdCNnXZ4IWhxrnrYNy3R2D:qp1AZY94xpOkXKXhxrs6R4
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2