5f8f7ec1a567775d32871d8830f5c2a30b39ef93da90b03c8b0ded647cb5b982 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5f8f7ec1a567775d32871d8830f5c2a30b39ef93da90b03c8b0ded647cb5b982
Size

383KB
Sample

240418-2cxl5she9v
MD5

07a0cacf5c0222b9fcc799ff83f02b11
SHA1

62655bbd1cb2bdac76cf43e0e63e399edc2f5e17
SHA256

5f8f7ec1a567775d32871d8830f5c2a30b39ef93da90b03c8b0ded647cb5b982
SHA512

c57f05ad410f6b43f6e439b2f0f66dab0cd073a939a152a1f4498331d76823b2d5180008c7895e7180ce01a6a63b6fea3e5fde24233c50de82dd76d04bb909b0
SSDEEP

6144:CV3kStXduHrY8wA+AUTpldpbKSBt8l52Q49vjY8cf:C9kKNYM8wA+AUTpldpbKSb8l52QyvjYF

Score

10^/10

Malware Config

Targets

- Target
  
  5f8f7ec1a567775d32871d8830f5c2a30b39ef93da90b03c8b0ded647cb5b982
- Size
  
  383KB
- MD5
  
  07a0cacf5c0222b9fcc799ff83f02b11
- SHA1
  
  62655bbd1cb2bdac76cf43e0e63e399edc2f5e17
- SHA256
  
  5f8f7ec1a567775d32871d8830f5c2a30b39ef93da90b03c8b0ded647cb5b982
- SHA512
  
  c57f05ad410f6b43f6e439b2f0f66dab0cd073a939a152a1f4498331d76823b2d5180008c7895e7180ce01a6a63b6fea3e5fde24233c50de82dd76d04bb909b0
- SSDEEP
  
  6144:CV3kStXduHrY8wA+AUTpldpbKSBt8l52Q49vjY8cf:C9kKNYM8wA+AUTpldpbKSb8l52QyvjYF
Score

9^/10
- UPX dump on OEP (original entry point)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2