d648e6545bb7db0e4dc53e236334aa7e9d91654ca288dc7fb66ae3a7755356c8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d648e6545bb7db0e4dc53e236334aa7e9d91654ca288dc7fb66ae3a7755356c8
Size

224KB
Sample

240316-amkxjsfb4v
MD5

b04de3b90ffd3c6b119d9e0296a48255
SHA1

e1ae84855fbf2238597e68dbc522a3f5b6804852
SHA256

d648e6545bb7db0e4dc53e236334aa7e9d91654ca288dc7fb66ae3a7755356c8
SHA512

af557a7366a4cb8583e2e3f232d429cad21d4017f440b07337285017647d1c8795dba0f4e62a0225cdf76867c8e14d3473fb169e92d65193b637894f950880c6
SSDEEP

3072:GpdKBLMLrJ8/hCjG8G3GbGVGBGfGuGxGWYcrf6Kadk:GpUBLMLrYAYcD6Kad

Score

7^/10

Malware Config

Targets

- Target
  
  d648e6545bb7db0e4dc53e236334aa7e9d91654ca288dc7fb66ae3a7755356c8
- Size
  
  224KB
- MD5
  
  b04de3b90ffd3c6b119d9e0296a48255
- SHA1
  
  e1ae84855fbf2238597e68dbc522a3f5b6804852
- SHA256
  
  d648e6545bb7db0e4dc53e236334aa7e9d91654ca288dc7fb66ae3a7755356c8
- SHA512
  
  af557a7366a4cb8583e2e3f232d429cad21d4017f440b07337285017647d1c8795dba0f4e62a0225cdf76867c8e14d3473fb169e92d65193b637894f950880c6
- SSDEEP
  
  3072:GpdKBLMLrJ8/hCjG8G3GbGVGBGfGuGxGWYcrf6Kadk:GpUBLMLrYAYcD6Kad
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2