2048ae69df8323b80388b7719d1d9fea06dd6abf7b5a5fbb0ad7acc793ac8552 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8494e654d4c354e274509cdf9a508da0
Size

25KB
Sample

240409-2wn44sbf61
MD5

8494e654d4c354e274509cdf9a508da0
SHA1

f0d50fe2da6abc6580aab2464c5fd06a7e98a5b9
SHA256

2048ae69df8323b80388b7719d1d9fea06dd6abf7b5a5fbb0ad7acc793ac8552
SHA512

d34112d43c5129ac9200087cf3a24a03a23b051d2ba603c770b6e10034de13800af165a50091dab4e6585ac9cf30a729b165ecd2370ab914579fd48a583571db
SSDEEP

384:QatQWRIgymNeuQDC2/1BfXC3IALA5skMOlm7eVbdmGa/ZiGmMD299:QihRuKCCR3IAm9MOlq8bdA/bmMW9

Score

7^/10

Malware Config

Targets

- Target
  
  8494e654d4c354e274509cdf9a508da0
- Size
  
  25KB
- MD5
  
  8494e654d4c354e274509cdf9a508da0
- SHA1
  
  f0d50fe2da6abc6580aab2464c5fd06a7e98a5b9
- SHA256
  
  2048ae69df8323b80388b7719d1d9fea06dd6abf7b5a5fbb0ad7acc793ac8552
- SHA512
  
  d34112d43c5129ac9200087cf3a24a03a23b051d2ba603c770b6e10034de13800af165a50091dab4e6585ac9cf30a729b165ecd2370ab914579fd48a583571db
- SSDEEP
  
  384:QatQWRIgymNeuQDC2/1BfXC3IALA5skMOlm7eVbdmGa/ZiGmMD299:QihRuKCCR3IAm9MOlq8bdA/bmMW9
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2