4f95da49dca1967ff7485869ab86241feb6dd16ba28d62b9f2652cca0f814446 | Triage

Sharing

General

Target

UnoSetup.zip
Size

2.8MB
Sample

240222-y76xhseg5v
MD5

81e03eb10691517e5719e5b7569142f3
SHA1

b14effc697871456453f73c8851da9a7deaf33fa
SHA256

4f95da49dca1967ff7485869ab86241feb6dd16ba28d62b9f2652cca0f814446
SHA512

26969ea3a8d26fb5abaa1d8420ce2e93872f0f803ac51efc1c7879db85295d223de73c3d1fef8bf486cba1e528fbd5db658147b5ea62d2ac7b349c9eed5a5e5a
SSDEEP

49152:I7zT1d/FrRcaMswY1GOEm+iUuBhb+LZNsrcnkbFNeihfwH+0TrC:Qd/FrNMQETDuBl07/nkbFQCoTC

Score

5^/10

Malware Config

Targets

- Target
  
  UnoSetup.zip
- Size
  
  2.8MB
- MD5
  
  81e03eb10691517e5719e5b7569142f3
- SHA1
  
  b14effc697871456453f73c8851da9a7deaf33fa
- SHA256
  
  4f95da49dca1967ff7485869ab86241feb6dd16ba28d62b9f2652cca0f814446
- SHA512
  
  26969ea3a8d26fb5abaa1d8420ce2e93872f0f803ac51efc1c7879db85295d223de73c3d1fef8bf486cba1e528fbd5db658147b5ea62d2ac7b349c9eed5a5e5a
- SSDEEP
  
  49152:I7zT1d/FrRcaMswY1GOEm+iUuBhb+LZNsrcnkbFNeihfwH+0TrC:Qd/FrNMQETDuBl07/nkbFQCoTC
Score

1^/10
behavioral1 behavioral2
- Target
  
  UnoSetup.exe (W-GALEEVRR)
- Size
  
  3.4MB
- MD5
  
  a2d955dee3a857e4883f5e2626ff1107
- SHA1
  
  e1ac2541bcac868fe82d77fd3c39669c0cb91029
- SHA256
  
  4870b29dbb6c96493256c463f2771994b9df40895fbfeec00ff3070655694f14
- SHA512
  
  21a926839ae0d16c3010ffaa8d82943c4b2f6d43f69d77cb7993c13d57c4379af99e779195be30b742400414c2bb28d470aab582d9d7949b88208bc881ca8694
- SSDEEP
  
  98304:JkL5tvZKG88Txrg3XyG3haC9PEIn8WP9o:K74G88l0yGwC9cO8+o
Score

5^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4