d93462375781ed26ca9fef6fb1fc6a8f131df449be64e310399f41ca080d555a | Triage

Sharing

General

Target

d93462375781ed26ca9fef6fb1fc6a8f131df449be64e310399f41ca080d555a
Size

356KB
Sample

240419-d6wd6sgf3v
MD5

c2df91f93f76c57a2010414220bd8a1f
SHA1

cfc327cdcb06812c20bfec96cd580258c90e346f
SHA256

d93462375781ed26ca9fef6fb1fc6a8f131df449be64e310399f41ca080d555a
SHA512

a74082056fc9e8815be35b109b830702af3cff752f19936ed0d173ddc7bb39fe04d4d23ae2db768c20160accf8b045774b507814f250de445d5548dbf3f111e2
SSDEEP

3072:+YUb5QoJ4g+CLi8HSpmWAVW9UNpZj6Iz1ZdW4SrO7FSVpEv4wD66ibA:+YwLTNV97h6SZI4z7FSVp84+28

Score

7^/10

Malware Config

Targets

- Target
  
  d93462375781ed26ca9fef6fb1fc6a8f131df449be64e310399f41ca080d555a
- Size
  
  356KB
- MD5
  
  c2df91f93f76c57a2010414220bd8a1f
- SHA1
  
  cfc327cdcb06812c20bfec96cd580258c90e346f
- SHA256
  
  d93462375781ed26ca9fef6fb1fc6a8f131df449be64e310399f41ca080d555a
- SHA512
  
  a74082056fc9e8815be35b109b830702af3cff752f19936ed0d173ddc7bb39fe04d4d23ae2db768c20160accf8b045774b507814f250de445d5548dbf3f111e2
- SSDEEP
  
  3072:+YUb5QoJ4g+CLi8HSpmWAVW9UNpZj6Iz1ZdW4SrO7FSVpEv4wD66ibA:+YwLTNV97h6SZI4z7FSVp84+28
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2