0280fbde725a3ffe96a1f0cce44c82be4f757c66232b5b3293e1a680390d6960 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

989ae5b3d5f518de0269ec326005f6fb.bin
Size

41KB
Sample

240225-def56sbc5z
MD5

989ae5b3d5f518de0269ec326005f6fb
SHA1

0c8caa1ad57d3bfae239d76aeccb51f4e364eed5
SHA256

0280fbde725a3ffe96a1f0cce44c82be4f757c66232b5b3293e1a680390d6960
SHA512

9928e3f61d1ad060f6bd2faefb899de0fc6305a06f1d2e651e0237110a76484f9e8dad838ee2b6bb9bcc9652452785bfbf92715361b4ba355f6da7ee6caa037a
SSDEEP

768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PADX:b/pYayGig5HjS3NPAL

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  989ae5b3d5f518de0269ec326005f6fb.bin
- Size
  
  41KB
- MD5
  
  989ae5b3d5f518de0269ec326005f6fb
- SHA1
  
  0c8caa1ad57d3bfae239d76aeccb51f4e364eed5
- SHA256
  
  0280fbde725a3ffe96a1f0cce44c82be4f757c66232b5b3293e1a680390d6960
- SHA512
  
  9928e3f61d1ad060f6bd2faefb899de0fc6305a06f1d2e651e0237110a76484f9e8dad838ee2b6bb9bcc9652452785bfbf92715361b4ba355f6da7ee6caa037a
- SSDEEP
  
  768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PADX:b/pYayGig5HjS3NPAL
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2