bd51320e5b89f8e0b15635d394c415e86148caeb4230abe8c82716ce35eff5cc | Triage

Sharing

General

Target

9a14cad3cef7929ef0e9b2c30c57a67a
Size

2.0MB
Sample

240213-2f1g7saf3z
MD5

9a14cad3cef7929ef0e9b2c30c57a67a
SHA1

43f9374bbe5079d6f1aed792f4b25cd8e2642a7b
SHA256

bd51320e5b89f8e0b15635d394c415e86148caeb4230abe8c82716ce35eff5cc
SHA512

50017688bddc1d7f4b9c34f7f217ccd36a864088dbc223ec494f1b7bc5edea2eff45cd380f6ddce7e2d14ba4abbf19231713cf58d193701c2d7d22c24a8060cb
SSDEEP

49152:e5qJWxgUEmUPLmPn49QB3j7QfBu4e+EF+jQzbMqp/7DvJsf:eMWxgUGmUc7QJnVjQ8qtfQ

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  9a14cad3cef7929ef0e9b2c30c57a67a
- Size
  
  2.0MB
- MD5
  
  9a14cad3cef7929ef0e9b2c30c57a67a
- SHA1
  
  43f9374bbe5079d6f1aed792f4b25cd8e2642a7b
- SHA256
  
  bd51320e5b89f8e0b15635d394c415e86148caeb4230abe8c82716ce35eff5cc
- SHA512
  
  50017688bddc1d7f4b9c34f7f217ccd36a864088dbc223ec494f1b7bc5edea2eff45cd380f6ddce7e2d14ba4abbf19231713cf58d193701c2d7d22c24a8060cb
- SSDEEP
  
  49152:e5qJWxgUEmUPLmPn49QB3j7QfBu4e+EF+jQzbMqp/7DvJsf:eMWxgUGmUc7QJnVjQ8qtfQ
Score

8^/10

evasion
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2