1fd0018a96a1171470f84d4d745cf11c246b785d3b60fb957c0677399d597291 | Triage

Sharing

General

Target

1fd0018a96a1171470f84d4d745cf11c246b785d3b60fb957c0677399d597291
Size

884KB
Sample

240410-lyltrsee5w
MD5

15c3f942008cec2d34194d507080dd57
SHA1

bd9501a2a2628981ef0fb9984985d1b7f08b7738
SHA256

1fd0018a96a1171470f84d4d745cf11c246b785d3b60fb957c0677399d597291
SHA512

c1f2c3f00f919706049602a1145299954865874ad7d1f3327487d97f422a249e99c00a5794375ac3e7cb1f54f68154b97d786c00e54cd935e942a95e7a89c9ab
SSDEEP

12288:DcDyx6wkfGttBjZQtxA3TZYLPDXoQEO9Sb334LpNePvhBu0FA5HTpX5EXxFXiNlF:D9RkcVQjA3WDW49NeBSpTpX5EX3i6

Score

7^/10

Malware Config

Targets

- Target
  
  0816-98077.lnk
- Size
  
  2KB
- MD5
  
  d729fef48e3c09a64faf9092ae9eab88
- SHA1
  
  fd4b613d08de90f8684ae588fc10482c31f35596
- SHA256
  
  be7f7955a296874f238da6ec5b63ffec995429ee1833e7fbcc294e36eeacbca4
- SHA512
  
  4347bef239e000ea7f3d0a80af83a23fe72c5207fb0543a64ad06bc81404a7bfe2d72447dab839abc1396bc17cdef0ed4072f8ff0ffb9fc08c99bed9e4ef5496
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  des.exe
- Size
  
  710KB
- MD5
  
  7a6f871515ca04bb234cc6ef88ba307b
- SHA1
  
  589650b8065b1bcc158407775be56c2512502701
- SHA256
  
  867b5ab6db84ec428180f16ea32d670c0792469088d89d29869ba357e5329340
- SHA512
  
  da9429726ec0e39ef930603b2b6746df4fa6d1db6fcfbae970f0d01b06aa934c830de4c88f9b75520d7a026139ae5cc8b2086286cbda802709be90dd65925af0
- SSDEEP
  
  12288:hcDyx6wkfGttBjZQtxA3TZYLPDXoQEO9Sb334LpNePvhBu0FA5HTpX5EXxFXiNll:h9RkcVQjA3WDW49NeBSpTpX5EX3G
Score

4^/10
behavioral3 behavioral4
- Target
  
  ofcpipc.dll
- Size
  
  117KB
- MD5
  
  d1794235db24c4839ce99ad445c81312
- SHA1
  
  0d2bee33209aba1a5e31d350b95c1f6e65e5ec1a
- SHA256
  
  904189ef4cec6ad4603918e63e0b2e477cb11503315ad3822437ee75920793f4
- SHA512
  
  4cb7b2d2bda0be11e19b1637b05cd3f57676366e249749012625f3c01a509a6178bddb6f5e7a95f7f9875a98895dabd56d15ebe8e7cd72801f829801c7b3d628
- SSDEEP
  
  3072:WATtZYJedHceXVAyGw612+sMRNkB6LRm7gnRFkvyD1u:jWcdLXVXGw6SsnflD1u
Score

3^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6