2e1a346d13ae17dff86d8b824ec3b78e097827f67322c0c6175670db8c41303e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc2cfdace871eb8499e326f155b01d63.bin
Size

166.8MB
Sample

240328-c4q61aba47
MD5

dc2cfdace871eb8499e326f155b01d63
SHA1

3eb3fb28d2fed92c45f32d3e24d347bc32dd456f
SHA256

2e1a346d13ae17dff86d8b824ec3b78e097827f67322c0c6175670db8c41303e
SHA512

b49fddcd033e953abbefa4ade4c69f6b96836cdfd70d197d5fbf9341cfa079c3b54dd50130bc697203d0e19124e35c13f33ac8a8adf111ce2143b1b48380c8cb
SSDEEP

1572864:4BRO09akMhGIrAVqO9uP2WP2QW4Ev7K2hPt:4XO0bIrahB2Ev7K2hPt

Score

7^/10

Malware Config

Targets

- Target
  
  dc2cfdace871eb8499e326f155b01d63.bin
- Size
  
  166.8MB
- MD5
  
  dc2cfdace871eb8499e326f155b01d63
- SHA1
  
  3eb3fb28d2fed92c45f32d3e24d347bc32dd456f
- SHA256
  
  2e1a346d13ae17dff86d8b824ec3b78e097827f67322c0c6175670db8c41303e
- SHA512
  
  b49fddcd033e953abbefa4ade4c69f6b96836cdfd70d197d5fbf9341cfa079c3b54dd50130bc697203d0e19124e35c13f33ac8a8adf111ce2143b1b48380c8cb
- SSDEEP
  
  1572864:4BRO09akMhGIrAVqO9uP2WP2QW4Ev7K2hPt:4XO0bIrahB2Ev7K2hPt
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2