b53c749c59757ad6567c5d2bb43b296a27d5daaef09153a0f69bacd2978dd69c | Triage

Sharing

General

Target

b0ec505ad10e7e4dd86ceb2d35693e58.bin
Size

30KB
Sample

240327-d6lvqsbg98
MD5

b0ec505ad10e7e4dd86ceb2d35693e58
SHA1

30dbceb806db8e82e9badbbd0c0d4ae6e4ec07bb
SHA256

b53c749c59757ad6567c5d2bb43b296a27d5daaef09153a0f69bacd2978dd69c
SHA512

f0f84a028b351352df3772e49d04a0266fbcc6b3e019f54648615b508bf308f90f7afbb83e498cde632c4e9704d5ea4aced3779a79ced249d15b5cee28734d72
SSDEEP

384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn+p8Z:b/yC4GyNM01GuQMNXw2PSjU8Z

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b0ec505ad10e7e4dd86ceb2d35693e58.bin
- Size
  
  30KB
- MD5
  
  b0ec505ad10e7e4dd86ceb2d35693e58
- SHA1
  
  30dbceb806db8e82e9badbbd0c0d4ae6e4ec07bb
- SHA256
  
  b53c749c59757ad6567c5d2bb43b296a27d5daaef09153a0f69bacd2978dd69c
- SHA512
  
  f0f84a028b351352df3772e49d04a0266fbcc6b3e019f54648615b508bf308f90f7afbb83e498cde632c4e9704d5ea4aced3779a79ced249d15b5cee28734d72
- SSDEEP
  
  384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn+p8Z:b/yC4GyNM01GuQMNXw2PSjU8Z
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2