8763598c3d0a94d912df94d6c4b884712069f782205416abc65f4dedd7e4e992 | Triage

Sharing

General

Target

c1546b676c3440edd404aff65d6acf17
Size

184KB
Sample

240311-xb8wkach48
MD5

c1546b676c3440edd404aff65d6acf17
SHA1

99c3bf5c2898a4ad6f874e70c58396d81147e2a5
SHA256

8763598c3d0a94d912df94d6c4b884712069f782205416abc65f4dedd7e4e992
SHA512

f36c61f90a6b895d5052e3ed4381f610ad25ff6961d004c2562934507be6d38659d9b659d0e37a05c842c5f920fbac3bc53aff091d8558cc55eb7a1734252319
SSDEEP

3072:t7P1UQa9k7U8TH1/TF0fwsDp3m0QTmKE99vTLxg5J8j/0KyEXRuPeKr4uMvwahe:t7P1UrkA8TVLylp3i099L1h/0KyMRumV

Score

7^/10

Malware Config

Targets

- Target
  
  c1546b676c3440edd404aff65d6acf17
- Size
  
  184KB
- MD5
  
  c1546b676c3440edd404aff65d6acf17
- SHA1
  
  99c3bf5c2898a4ad6f874e70c58396d81147e2a5
- SHA256
  
  8763598c3d0a94d912df94d6c4b884712069f782205416abc65f4dedd7e4e992
- SHA512
  
  f36c61f90a6b895d5052e3ed4381f610ad25ff6961d004c2562934507be6d38659d9b659d0e37a05c842c5f920fbac3bc53aff091d8558cc55eb7a1734252319
- SSDEEP
  
  3072:t7P1UQa9k7U8TH1/TF0fwsDp3m0QTmKE99vTLxg5J8j/0KyEXRuPeKr4uMvwahe:t7P1UrkA8TVLylp3i099L1h/0KyMRumV
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2