bf36af34a5986ba66e65dc1129ed6931c2f2280a862ef68834c50a2176400c1a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

99e0706a3fe3a30d701b2cca0bb51cba
Size

139KB
Sample

240213-xg6cmagg82
MD5

99e0706a3fe3a30d701b2cca0bb51cba
SHA1

58f96ddbe3da8be17d442dedbf6a51121bb732eb
SHA256

bf36af34a5986ba66e65dc1129ed6931c2f2280a862ef68834c50a2176400c1a
SHA512

2416b30f5bcaafb4a91076d1d658f6a7c270a06728f8e208af02a98f99e987556f708d3c809f357fdd09a0f30aa65bf482a185f9faddcf82caa75c061b5a6258
SSDEEP

3072:Dno/tVYQnFNXj1CqAlEoEF53VQY820jcF/ZSJ/m1w0g5s+Q:DoAQnFNXxBEE3JH8CVZPy0gLQ

Score

7^/10

Malware Config

Targets

- Target
  
  99e0706a3fe3a30d701b2cca0bb51cba
- Size
  
  139KB
- MD5
  
  99e0706a3fe3a30d701b2cca0bb51cba
- SHA1
  
  58f96ddbe3da8be17d442dedbf6a51121bb732eb
- SHA256
  
  bf36af34a5986ba66e65dc1129ed6931c2f2280a862ef68834c50a2176400c1a
- SHA512
  
  2416b30f5bcaafb4a91076d1d658f6a7c270a06728f8e208af02a98f99e987556f708d3c809f357fdd09a0f30aa65bf482a185f9faddcf82caa75c061b5a6258
- SSDEEP
  
  3072:Dno/tVYQnFNXj1CqAlEoEF53VQY820jcF/ZSJ/m1w0g5s+Q:DoAQnFNXxBEE3JH8CVZPy0gLQ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2