de5cf20e4077372593a8c24c31306b7e5b9ba62e3952609bde308300631c8c3f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Purchase Order.exe
Size

674KB
Sample

240308-rnb5gaaa7v
MD5

bb27ed093c6e2c730c9474aa79ac2d29
SHA1

321a8af5f62eb08923ca0e0ca99de7fde052033a
SHA256

de5cf20e4077372593a8c24c31306b7e5b9ba62e3952609bde308300631c8c3f
SHA512

f8178da7f0bdbf165082e420c364c1a91718b7e09eccc0a9f5c10ab4f79420f455bbbda9533e4efb1fd20a201ce0fccfaecefb271daa4b4d2eda09d304f856af
SSDEEP

12288:dd0FtImAFJFiXpflU5Xnt9K4QRvePodWz4gjbbN0hYE38uH21qDfZDGh:bM61FaXlgXt9K4QIPoAUhYE3JHNu

Score

7^/10

Malware Config

Targets

- Target
  
  Purchase Order.exe
- Size
  
  674KB
- MD5
  
  bb27ed093c6e2c730c9474aa79ac2d29
- SHA1
  
  321a8af5f62eb08923ca0e0ca99de7fde052033a
- SHA256
  
  de5cf20e4077372593a8c24c31306b7e5b9ba62e3952609bde308300631c8c3f
- SHA512
  
  f8178da7f0bdbf165082e420c364c1a91718b7e09eccc0a9f5c10ab4f79420f455bbbda9533e4efb1fd20a201ce0fccfaecefb271daa4b4d2eda09d304f856af
- SSDEEP
  
  12288:dd0FtImAFJFiXpflU5Xnt9K4QRvePodWz4gjbbN0hYE38uH21qDfZDGh:bM61FaXlgXt9K4QIPoAUhYE3JHNu
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2