d981b787e15b86ccaabb454f6bd644598d98febe58c80eb9f0bb222c5be1ee36 | Triage

Sharing

General

Target

program.zip
Size

28.2MB
Sample

240212-y94j6sbf6s
MD5

25115c281bfd04fe93140925d15e05f4
SHA1

133e1758e55f6366c9a1da3e233547512f4399c3
SHA256

d981b787e15b86ccaabb454f6bd644598d98febe58c80eb9f0bb222c5be1ee36
SHA512

6afedca10c07e30da3c96c799e2736f13361980ab5821821df8321c5c675e6d33d6c1d7c2af33ab366fc56e2b8738e4c5e55fa5caa1c9a76b9a06a22cb74129c
SSDEEP

786432:2/DY3o0lwxU6sj4fo5XQgsPjQUm9P1nOtU:2LzcwxU6m4IANx+Ph

Score

7^/10

Malware Config

Targets

- Target
  
  program.zip
- Size
  
  28.2MB
- MD5
  
  25115c281bfd04fe93140925d15e05f4
- SHA1
  
  133e1758e55f6366c9a1da3e233547512f4399c3
- SHA256
  
  d981b787e15b86ccaabb454f6bd644598d98febe58c80eb9f0bb222c5be1ee36
- SHA512
  
  6afedca10c07e30da3c96c799e2736f13361980ab5821821df8321c5c675e6d33d6c1d7c2af33ab366fc56e2b8738e4c5e55fa5caa1c9a76b9a06a22cb74129c
- SSDEEP
  
  786432:2/DY3o0lwxU6sj4fo5XQgsPjQUm9P1nOtU:2LzcwxU6m4IANx+Ph
Score

1^/10
behavioral1 behavioral2
- Target
  
  start.exe
- Size
  
  18.8MB
- MD5
  
  95ee92dae22fb6551ece87bae3de1454
- SHA1
  
  65b00ea3ca00ef3b1c6df2985465825f80631aca
- SHA256
  
  8ec738c5c3311fa1ee4780ab40b728a569cf1cfd1b63f2c8c7b28db6b5edba9a
- SHA512
  
  df220c668962bebf6da113573135074e465bf2da4457e1595b26a8b68b38dd9c217f306474ac4d8ee1a5ee4905521aceca58203ff9eb53c74318400909576089
- SSDEEP
  
  393216:hzuTRRxZ9ctLdtuki5a2aBna0T/ly5WQBHb0x6f2/WBfKlPcVRg+4+:QTRudtuk6Q/lEg6fJBDEn+
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4