979b15ce6604cfd33c9e31f14f8f383c427c7ef3698477d068e4665067f25793 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

123.exe
Size

3.5MB
Sample

240225-pykhgscf3t
MD5

14379a31a9c84e67605eff2684e780e5
SHA1

fe6eb1b3e963d3db3110e3308712a16fc3897bcb
SHA256

979b15ce6604cfd33c9e31f14f8f383c427c7ef3698477d068e4665067f25793
SHA512

b3f4a3bf2ba3ff40a169f2e9c7bf520a6502a3c17b6ac3a3798297ac5446ddac7d355d8ab15bae31df3a05174fcd2742e2d10c11a18470bd4f1970e6a1926328
SSDEEP

98304:zgwRxqSjZAJ/ZjoCPXaqqhdh+7J/ejhZc+xB/JvKsTYYWHFufDp2r:zgIVjCJe6V+h+7tedZh5vKZzOa

Score

7^/10

Malware Config

Targets

- Target
  
  123.exe
- Size
  
  3.5MB
- MD5
  
  14379a31a9c84e67605eff2684e780e5
- SHA1
  
  fe6eb1b3e963d3db3110e3308712a16fc3897bcb
- SHA256
  
  979b15ce6604cfd33c9e31f14f8f383c427c7ef3698477d068e4665067f25793
- SHA512
  
  b3f4a3bf2ba3ff40a169f2e9c7bf520a6502a3c17b6ac3a3798297ac5446ddac7d355d8ab15bae31df3a05174fcd2742e2d10c11a18470bd4f1970e6a1926328
- SSDEEP
  
  98304:zgwRxqSjZAJ/ZjoCPXaqqhdh+7J/ejhZc+xB/JvKsTYYWHFufDp2r:zgIVjCJe6V+h+7tedZh5vKZzOa
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2