f49c7dfd88e3c7ac1358bc78a12ab0c4fa7eb9ff834e572b894cd7bd80703c39 | Triage

Sharing

General

Target

f49c7dfd88e3c7ac1358bc78a12ab0c4fa7eb9ff834e572b894cd7bd80703c39
Size

7.9MB
Sample

240419-ppbh8add2s
MD5

e1a2a74689f040d1641313826062ff29
SHA1

280e7628263a24cae2282ee1f3a29e86e7551b47
SHA256

f49c7dfd88e3c7ac1358bc78a12ab0c4fa7eb9ff834e572b894cd7bd80703c39
SHA512

443660191d2c4050fb1edfe0b8ab2311011ea8589214f25201036837edf975c071bb1918156ee843ddfae40dbe5811f2d1e295b6ee323239a5035960a09367bd
SSDEEP

196608:eSqX4SyqIz+CEyBd6Mbf/5mXJRpKA+pR84V+No2b1N:rrSyfbZCJRk8Yh

Score

7^/10

Malware Config

Targets

- Target
  
  f49c7dfd88e3c7ac1358bc78a12ab0c4fa7eb9ff834e572b894cd7bd80703c39
- Size
  
  7.9MB
- MD5
  
  e1a2a74689f040d1641313826062ff29
- SHA1
  
  280e7628263a24cae2282ee1f3a29e86e7551b47
- SHA256
  
  f49c7dfd88e3c7ac1358bc78a12ab0c4fa7eb9ff834e572b894cd7bd80703c39
- SHA512
  
  443660191d2c4050fb1edfe0b8ab2311011ea8589214f25201036837edf975c071bb1918156ee843ddfae40dbe5811f2d1e295b6ee323239a5035960a09367bd
- SSDEEP
  
  196608:eSqX4SyqIz+CEyBd6Mbf/5mXJRpKA+pR84V+No2b1N:rrSyfbZCJRk8Yh
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2