141be1895ac373d69f77a48df3760bec508a3ae050f1e71df2470fdac56aa1ae | Triage

Sharing

Copy URL Twitter E-mail

General

Target

141be1895ac373d69f77a48df3760bec508a3ae050f1e71df2470fdac56aa1ae
Size

742KB
Sample

240308-wafyqada34
MD5

6e4d9cd2b87d4d99bdf325b574b8171c
SHA1

3e01fc8ca45b6e94ecd79d6cc92fbaa9187507b0
SHA256

141be1895ac373d69f77a48df3760bec508a3ae050f1e71df2470fdac56aa1ae
SHA512

e73b726aa7b8ab32ffb9d6470ef077c66cd0f318bc9be962d37a8274bd53ad2ef03b1ae16c20b780f361f4c18118ab91866af5fb6506517727b8ad0ccdeb16c3
SSDEEP

3072:wCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxO:wqDAwl0xPTMiR9JSSxPUKYGdodHdh

Score

7^/10

Malware Config

Targets

- Target
  
  141be1895ac373d69f77a48df3760bec508a3ae050f1e71df2470fdac56aa1ae
- Size
  
  742KB
- MD5
  
  6e4d9cd2b87d4d99bdf325b574b8171c
- SHA1
  
  3e01fc8ca45b6e94ecd79d6cc92fbaa9187507b0
- SHA256
  
  141be1895ac373d69f77a48df3760bec508a3ae050f1e71df2470fdac56aa1ae
- SHA512
  
  e73b726aa7b8ab32ffb9d6470ef077c66cd0f318bc9be962d37a8274bd53ad2ef03b1ae16c20b780f361f4c18118ab91866af5fb6506517727b8ad0ccdeb16c3
- SSDEEP
  
  3072:wCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxO:wqDAwl0xPTMiR9JSSxPUKYGdodHdh
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2