8458eaf1b45ee76d7ca9b65e8079e93304ade9bc4508b6119751d51d17036bd2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8458eaf1b45ee76d7ca9b65e8079e93304ade9bc4508b6119751d51d17036bd2
Size

2.4MB
Sample

240319-xgv7nace6w
MD5

fb796f2d87542393890391ee603a987b
SHA1

7428959e38bf00e6896509d2782a78749ce4d123
SHA256

8458eaf1b45ee76d7ca9b65e8079e93304ade9bc4508b6119751d51d17036bd2
SHA512

a37b062f88a4058072d9626fe620f5db6c5e2385ab2e842d893d1218db35538efbf76379caa8f0768eccc4e709edcaa959e32cf09023eb43fb9c582c55d5fd14
SSDEEP

49152:WswRSfku6MpMO8T4nQwGFQmrW9tgNyyqSztKbTg:WswRTxcz8TIwtrWoNy4IbM

Score

7^/10

Malware Config

Targets

- Target
  
  8458eaf1b45ee76d7ca9b65e8079e93304ade9bc4508b6119751d51d17036bd2
- Size
  
  2.4MB
- MD5
  
  fb796f2d87542393890391ee603a987b
- SHA1
  
  7428959e38bf00e6896509d2782a78749ce4d123
- SHA256
  
  8458eaf1b45ee76d7ca9b65e8079e93304ade9bc4508b6119751d51d17036bd2
- SHA512
  
  a37b062f88a4058072d9626fe620f5db6c5e2385ab2e842d893d1218db35538efbf76379caa8f0768eccc4e709edcaa959e32cf09023eb43fb9c582c55d5fd14
- SSDEEP
  
  49152:WswRSfku6MpMO8T4nQwGFQmrW9tgNyyqSztKbTg:WswRTxcz8TIwtrWoNy4IbM
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2