b32781dffffaddc2ccab6f76dd0044894c2e3db8346bfc5e4e0d09624fee14c9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_16e64b83933c0ea42ec9de131c4d2527
Size

24KB
Sample

240204-p9jqbscdak
MD5

16e64b83933c0ea42ec9de131c4d2527
SHA1

2d608bd9a248701068c50b8d6f9ca2d4150d8261
SHA256

b32781dffffaddc2ccab6f76dd0044894c2e3db8346bfc5e4e0d09624fee14c9
SHA512

927403fd454f786d1f91673fd32a0812e43700065699ef139443ebe03e3a3fbb8e159f5324cbce42de5f7141ac302e38a944d85ebdf62b9825d48553b6996f87
SSDEEP

192:oVAexK8tq37U5AlT0TwiyY9xGd46fA1F1/+oSGRPzR/QdmIcybcx:oVe7pSy2xGd4oQF1/rNRPzR/QD1k

Score

7^/10

Malware Config

Targets

- Target
  
  VirusShare_16e64b83933c0ea42ec9de131c4d2527
- Size
  
  24KB
- MD5
  
  16e64b83933c0ea42ec9de131c4d2527
- SHA1
  
  2d608bd9a248701068c50b8d6f9ca2d4150d8261
- SHA256
  
  b32781dffffaddc2ccab6f76dd0044894c2e3db8346bfc5e4e0d09624fee14c9
- SHA512
  
  927403fd454f786d1f91673fd32a0812e43700065699ef139443ebe03e3a3fbb8e159f5324cbce42de5f7141ac302e38a944d85ebdf62b9825d48553b6996f87
- SSDEEP
  
  192:oVAexK8tq37U5AlT0TwiyY9xGd46fA1F1/+oSGRPzR/QdmIcybcx:oVe7pSy2xGd4oQF1/rNRPzR/QD1k
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2