11ad8a35ade7abe4ef6a3540d8a2cdac377b273c0d24c6e0ef629a54dfd8e860 | Triage

Sharing

General

Target

d9b68ed818bbc8389ead56e0d3960afe.bin
Size

39KB
Sample

240223-cva4eshh71
MD5

d9b68ed818bbc8389ead56e0d3960afe
SHA1

5f8011647136d4f1f47ec6f330b1300bdcc463ec
SHA256

11ad8a35ade7abe4ef6a3540d8a2cdac377b273c0d24c6e0ef629a54dfd8e860
SHA512

e9ae109894f6e5bb1f72dcd79205f4353937a0fb7d1a995e3f219447204010e76da9a2149963d94f888068940b136b0a4ac6cc4b2231fd964ead3f054ec52ba8
SSDEEP

384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzl6AJvDSuYlmoH/:b/yC4GyNM01GuQMNXw2PSjHPbSuYlZf

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d9b68ed818bbc8389ead56e0d3960afe.bin
- Size
  
  39KB
- MD5
  
  d9b68ed818bbc8389ead56e0d3960afe
- SHA1
  
  5f8011647136d4f1f47ec6f330b1300bdcc463ec
- SHA256
  
  11ad8a35ade7abe4ef6a3540d8a2cdac377b273c0d24c6e0ef629a54dfd8e860
- SHA512
  
  e9ae109894f6e5bb1f72dcd79205f4353937a0fb7d1a995e3f219447204010e76da9a2149963d94f888068940b136b0a4ac6cc4b2231fd964ead3f054ec52ba8
- SSDEEP
  
  384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzl6AJvDSuYlmoH/:b/yC4GyNM01GuQMNXw2PSjHPbSuYlZf
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2