19b948cd476a616352fa32d7f2a3fbb8a3183884f2772fa6dd30cf4674ded5fb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19b948cd476a616352fa32d7f2a3fbb8a3183884f2772fa6dd30cf4674ded5fb
Size

537KB
Sample

240310-yedehaba6s
MD5

6736e39ef89e8f524f1e9715e5f9f75d
SHA1

0104e87bd7d6a23151ca557edf3e76dcc28413c9
SHA256

19b948cd476a616352fa32d7f2a3fbb8a3183884f2772fa6dd30cf4674ded5fb
SHA512

ba48efa923146e01a4953e916af771ce84b783513fd3928e7fd034d355f0426cc5020f0700cef15fae1545c37757e6cebeb0f646988a6c845fb88ce795021622
SSDEEP

3072:wCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxx:wqDAwl0xPTMiR9JSSxPUKYGdodHo

Score

7^/10

Malware Config

Targets

- Target
  
  19b948cd476a616352fa32d7f2a3fbb8a3183884f2772fa6dd30cf4674ded5fb
- Size
  
  537KB
- MD5
  
  6736e39ef89e8f524f1e9715e5f9f75d
- SHA1
  
  0104e87bd7d6a23151ca557edf3e76dcc28413c9
- SHA256
  
  19b948cd476a616352fa32d7f2a3fbb8a3183884f2772fa6dd30cf4674ded5fb
- SHA512
  
  ba48efa923146e01a4953e916af771ce84b783513fd3928e7fd034d355f0426cc5020f0700cef15fae1545c37757e6cebeb0f646988a6c845fb88ce795021622
- SSDEEP
  
  3072:wCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxx:wqDAwl0xPTMiR9JSSxPUKYGdodHo
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2