2a01e128c520c2fb21457bb3459b1656b524cf75b202fa360119fd78c2071c1c | Triage

Sharing

General

Target

a1ca271b07d591b1cf9fba663d65b29d
Size

28KB
Sample

240224-nw17saaf63
MD5

a1ca271b07d591b1cf9fba663d65b29d
SHA1

311de07d6700fce937a4bc40d832e225d0314278
SHA256

2a01e128c520c2fb21457bb3459b1656b524cf75b202fa360119fd78c2071c1c
SHA512

ac785ceeab69752c514b636672a1df8e12ef4eda3672e2915fa8acec187c59640dcd1ab5f841d8014e87edc71628513e4595c3cbc65f09a833539018a13d16a1
SSDEEP

768:Mz0woDlJgtvK8JdkGlab+pmn7oZLL59c1DJB+UmguTt:NJluty8LxlaqwoJL59YDJB+RgU

Score

7^/10

Malware Config

Targets

- Target
  
  a1ca271b07d591b1cf9fba663d65b29d
- Size
  
  28KB
- MD5
  
  a1ca271b07d591b1cf9fba663d65b29d
- SHA1
  
  311de07d6700fce937a4bc40d832e225d0314278
- SHA256
  
  2a01e128c520c2fb21457bb3459b1656b524cf75b202fa360119fd78c2071c1c
- SHA512
  
  ac785ceeab69752c514b636672a1df8e12ef4eda3672e2915fa8acec187c59640dcd1ab5f841d8014e87edc71628513e4595c3cbc65f09a833539018a13d16a1
- SSDEEP
  
  768:Mz0woDlJgtvK8JdkGlab+pmn7oZLL59c1DJB+UmguTt:NJluty8LxlaqwoJL59YDJB+RgU
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2