6f1fb3d24593af3bf12c88a5eadc30fe8f3a13db3a2c0116187cb7ead88909b6 | Triage

Sharing

General

Target

9c7d0a38e8c193bdc60aa9302db6b895
Size

2.0MB
Sample

240215-avhgdscf2x
MD5

9c7d0a38e8c193bdc60aa9302db6b895
SHA1

197193d770d9341de7b8c3fe311dcc2ea5429dec
SHA256

6f1fb3d24593af3bf12c88a5eadc30fe8f3a13db3a2c0116187cb7ead88909b6
SHA512

2820a2732742dafa986da2bf52da19bcfe720e4681274c6185bffbd67e780414f91e5425aedfc11d0d97b3c63a7372a5b45d631275ed9c66f474b397ad05f8db
SSDEEP

49152:eZq6VzYctLDj+B5y3mxf/gU8iDPYShg9t8eYZl1EHKaf:etnPjUQWWri7Yqu8eYZlaf

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  9c7d0a38e8c193bdc60aa9302db6b895
- Size
  
  2.0MB
- MD5
  
  9c7d0a38e8c193bdc60aa9302db6b895
- SHA1
  
  197193d770d9341de7b8c3fe311dcc2ea5429dec
- SHA256
  
  6f1fb3d24593af3bf12c88a5eadc30fe8f3a13db3a2c0116187cb7ead88909b6
- SHA512
  
  2820a2732742dafa986da2bf52da19bcfe720e4681274c6185bffbd67e780414f91e5425aedfc11d0d97b3c63a7372a5b45d631275ed9c66f474b397ad05f8db
- SSDEEP
  
  49152:eZq6VzYctLDj+B5y3mxf/gU8iDPYShg9t8eYZl1EHKaf:etnPjUQWWri7Yqu8eYZlaf
Score

8^/10

evasion
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2