b2d4457f7d9c5bce541982a0dfce52d05088e1e7be2b07d87e32b98b1d456c3b | Triage

Sharing

General

Target

d3c30a0eae56673d073fb5b5a2f3c62c
Size

64KB
Sample

240318-r2mhcsbc25
MD5

d3c30a0eae56673d073fb5b5a2f3c62c
SHA1

ddef40f396f1a9c29677404d70596dff625ef909
SHA256

b2d4457f7d9c5bce541982a0dfce52d05088e1e7be2b07d87e32b98b1d456c3b
SHA512

a9c74ef35462eebff781a638d6a7b666135fdc8eff026de327fce18dc506211a59014f46b96de6b7744fbf2468d1ebd7846356f19e6cf47ec5e008ff7b10607b
SSDEEP

768:dDJLpNn7eE9kyXDOiYKpMttNa9E4uVeRt6c/LjsrGeunHeuWYjGtcZfdZ0Xv1aeJ:VVp+enSN+AVeLDjs6ucLZ0Xv1ouZsvV

Score

7^/10

evasion trojan

Malware Config

Targets

- Target
  
  d3c30a0eae56673d073fb5b5a2f3c62c
- Size
  
  64KB
- MD5
  
  d3c30a0eae56673d073fb5b5a2f3c62c
- SHA1
  
  ddef40f396f1a9c29677404d70596dff625ef909
- SHA256
  
  b2d4457f7d9c5bce541982a0dfce52d05088e1e7be2b07d87e32b98b1d456c3b
- SHA512
  
  a9c74ef35462eebff781a638d6a7b666135fdc8eff026de327fce18dc506211a59014f46b96de6b7744fbf2468d1ebd7846356f19e6cf47ec5e008ff7b10607b
- SSDEEP
  
  768:dDJLpNn7eE9kyXDOiYKpMttNa9E4uVeRt6c/LjsrGeunHeuWYjGtcZfdZ0Xv1aeJ:VVp+enSN+AVeLDjs6ucLZ0Xv1ouZsvV
Score

7^/10

evasion trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2