bfe28a0d5d878aebe6f9e31d73387d55a054d758b89ae2019435ade10f99d497 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba5a15fbef0e281e3dc7d5974574eb84
Size

255KB
Sample

240308-djl7zsdg62
MD5

ba5a15fbef0e281e3dc7d5974574eb84
SHA1

ebd132a678c1c996bbcc435361bbb4b5cbb3f3b7
SHA256

bfe28a0d5d878aebe6f9e31d73387d55a054d758b89ae2019435ade10f99d497
SHA512

6a1914a3b42613dda7b52f3fc5b97188f393392025a4ef2c2a3dcca9de2d29be0eea5accaca20d31beae3856ea93a224019f603d826de4e0305d0e23bb19ec82
SSDEEP

3072:ZYUb5QoJ4g+Ri+Zj6Iz1ZdW4SrO7FSVpW:ZY7xh6SZI4z7FSVpW

Score

7^/10

Malware Config

Targets

- Target
  
  ba5a15fbef0e281e3dc7d5974574eb84
- Size
  
  255KB
- MD5
  
  ba5a15fbef0e281e3dc7d5974574eb84
- SHA1
  
  ebd132a678c1c996bbcc435361bbb4b5cbb3f3b7
- SHA256
  
  bfe28a0d5d878aebe6f9e31d73387d55a054d758b89ae2019435ade10f99d497
- SHA512
  
  6a1914a3b42613dda7b52f3fc5b97188f393392025a4ef2c2a3dcca9de2d29be0eea5accaca20d31beae3856ea93a224019f603d826de4e0305d0e23bb19ec82
- SSDEEP
  
  3072:ZYUb5QoJ4g+Ri+Zj6Iz1ZdW4SrO7FSVpW:ZY7xh6SZI4z7FSVpW
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2