0625f84f174f72e98cb67251a549638b8997012701ae7e47d6fa348567bfd7ba | Triage

Sharing

General

Target

0625f84f174f72e98cb67251a549638b8997012701ae7e47d6fa348567bfd7ba
Size

15.8MB
Sample

240309-m27fbaga4v
MD5

9295f9f0f78b9d5fa9a2fc35df0375f8
SHA1

7f7e3eda0d4ae74bf478af0adbf1acbb91d120c5
SHA256

0625f84f174f72e98cb67251a549638b8997012701ae7e47d6fa348567bfd7ba
SHA512

eda20c302be4e1d45d9ea4371d3ffda7879f361384cbc4e9c3afd4d0c03a1015a117ec5cb9291461a65afa4f70f3b808340c3a821bb74765e6ad259406732b16
SSDEEP

393216:nnh8jy6vL6wNUC91GQCjYvJbJEtl8vPpDmRzMuTPy6Ya4G:nKp3HGhjkJEgvJ6yHa4G

Score

7^/10

Malware Config

Targets

- Target
  
  0625f84f174f72e98cb67251a549638b8997012701ae7e47d6fa348567bfd7ba
- Size
  
  15.8MB
- MD5
  
  9295f9f0f78b9d5fa9a2fc35df0375f8
- SHA1
  
  7f7e3eda0d4ae74bf478af0adbf1acbb91d120c5
- SHA256
  
  0625f84f174f72e98cb67251a549638b8997012701ae7e47d6fa348567bfd7ba
- SHA512
  
  eda20c302be4e1d45d9ea4371d3ffda7879f361384cbc4e9c3afd4d0c03a1015a117ec5cb9291461a65afa4f70f3b808340c3a821bb74765e6ad259406732b16
- SSDEEP
  
  393216:nnh8jy6vL6wNUC91GQCjYvJbJEtl8vPpDmRzMuTPy6Ya4G:nKp3HGhjkJEgvJ6yHa4G
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/SimpleSC.dll
- Size
  
  1.1MB
- MD5
  
  7b89329c6d8693fb2f6a4330100490a0
- SHA1
  
  851b605cdc1c390c4244db56659b6b9aa8abd22c
- SHA256
  
  1620cdf739f459d1d83411f93648f29dcf947a910cc761e85ac79a69639d127d
- SHA512
  
  ac07972987ee610a677ea049a8ec521a720f7352d8b93411a95fd4b35ec29bfd1d6ccf55b48f32cc84c3dceef05855f723a88708eb4cf23caec77e7f6596786a
- SSDEEP
  
  12288:fRdJsAp4dXFcLBz75cwoCmJKHwe6VuoH9v0D/LF5mM6:fBsmyVS151oCmJKE1dv0DX
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  6e55a6e7c3fdbd244042eb15cb1ec739
- SHA1
  
  070ea80e2192abc42f358d47b276990b5fa285a9
- SHA256
  
  acf90ab6f4edc687e94aaf604d05e16e6cfb5e35873783b50c66f307a35c6506
- SHA512
  
  2d504b74da38edc967e3859733a2a9cacd885db82f0ca69bfb66872e882707314c54238344d45945dc98bae85772aceef71a741787922d640627d3c8ae8f1c35
- SSDEEP
  
  192:MenY0qWTlt70IAj/lQ0sEWc/wtYbBH2aDybC7y+XBaIwL:M8+Qlt70Fj/lQRY/9VjjgL
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  7KB
- MD5
  
  ec9c99216ef11cdd85965e78bc797d2c
- SHA1
  
  1d5f93fbf4f8aab8164b109e9e1768e7b80ad88c
- SHA256
  
  c1b7c3ef8b77a5bb335dc9ec9c3546b249014dde43aa2a9ed719b4d5933741df
- SHA512
  
  35ff522c4efb3875fce0d6dce438f5225e5f27b414e7c16df88031e90b528c057fe10b4bbf755445c0500c3521e0797f562690aa7209f588169164bbfaceaba1
- SSDEEP
  
  96:JwzdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuHUDQ:JTkDr/HA5v6G2IElFernNQZGdHs
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsProcess.dll
- Size
  
  4KB
- MD5
  
  88d3e48d1c1a051c702d47046ade7b4c
- SHA1
  
  8fc805a8b7900b6ba895d1b809a9f3ad4c730d23
- SHA256
  
  51da07da18a5486b11e0d51ebff77a3f2fcbb4d66b5665d212cc6bda480c4257
- SHA512
  
  83299dd948b40b4e2c226256d018716dbacfa739d8e882131c7f4c028c0913bc4ed9d770deb252931f3d4890f8f385bd43dcf2a5bfe5b922ec35f4b3144247a7
Score

3^/10
behavioral10 behavioral9
- Target
  
  file.bat
- Size
  
  104B
- MD5
  
  f153d51505dbb3e9a190aae6a7269a72
- SHA1
  
  9d9c99e0142f200c00e8a4dcc65eeecfaa3cc17e
- SHA256
  
  19591e0a956e524775f97d628f897883e99a57cb845eab24a1be9a172bd6f458
- SHA512
  
  5c30328972573203cdfc65f9f435f7e720c7d45bc073f1971d706a112e780064416418e922b0078c78d4c5c0b798810667a5cf610bbe03472ee4e981eac08dfc
Score

1^/10
behavioral11 behavioral12
- Target
  
  mgxitt.exe
- Size
  
  802KB
- MD5
  
  8f57948e69c82bf98704f129c5460576
- SHA1
  
  33e277af0cea397252c23d310961f803be5cdf2b
- SHA256
  
  f00836a63be7ebf14e1b8c40100c59777fe3432506b330927ea1f1b7fd47ee44
- SHA512
  
  628cf68c9436721b874a87e1bff711d3b6fe5d4bd9b02411890059a7d32078a9592fc48e6e53761d17bdbd72c5eb66593b841470157a3e8b38f0b67525d73bc9
- SSDEEP
  
  24576:L48I9t/zu2QSM0TMzOCkY+we/86W5gXKxZ5:Le71MzuiehWIKxZ
Score

1^/10
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14