ba5386607408ea2e0ad8d7ad31811949c2105d22550fe77fbf9919e8d7b4100c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba5386607408ea2e0ad8d7ad31811949c2105d22550fe77fbf9919e8d7b4100c
Size

104KB
Sample

240312-bxh2daeb44
MD5

8a1c0cf6c8e1be105fb6b71a15c4ad7e
SHA1

4fa0b1f3b6f14620dddd98415d3d98f726fcc0bf
SHA256

ba5386607408ea2e0ad8d7ad31811949c2105d22550fe77fbf9919e8d7b4100c
SHA512

627172e872ef1d6e7cdcbdfbeb8c222173dad1c55724301a7e3b7ae5948343f53527560b0c7d46b69dcc825b5f4aed0c3c61287ec4c6820249aeecc3af24a94c
SSDEEP

1536:rrwIBoW3L+hknFdMMs/mBP6ipzOW2+3GHSesGYHKhSw3IM:rsWolsFdMMsgOW+HSAR

Score

7^/10

Malware Config

Targets

- Target
  
  ba5386607408ea2e0ad8d7ad31811949c2105d22550fe77fbf9919e8d7b4100c
- Size
  
  104KB
- MD5
  
  8a1c0cf6c8e1be105fb6b71a15c4ad7e
- SHA1
  
  4fa0b1f3b6f14620dddd98415d3d98f726fcc0bf
- SHA256
  
  ba5386607408ea2e0ad8d7ad31811949c2105d22550fe77fbf9919e8d7b4100c
- SHA512
  
  627172e872ef1d6e7cdcbdfbeb8c222173dad1c55724301a7e3b7ae5948343f53527560b0c7d46b69dcc825b5f4aed0c3c61287ec4c6820249aeecc3af24a94c
- SSDEEP
  
  1536:rrwIBoW3L+hknFdMMs/mBP6ipzOW2+3GHSesGYHKhSw3IM:rsWolsFdMMsgOW+HSAR
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2