31207da839ead8fbe883e6ad7b6a816bab5928813878fcd184d6df4d9895b686 | Triage

Sharing

General

Target

31207da839ead8fbe883e6ad7b6a816bab5928813878fcd184d6df4d9895b686
Size

31KB
Sample

240419-yxqsjsec47
MD5

e69efc283c06e8141a705546b8cfba99
SHA1

f886341d050d59b39d435c222071268d628308bd
SHA256

31207da839ead8fbe883e6ad7b6a816bab5928813878fcd184d6df4d9895b686
SHA512

f11d4305a7ee7afee3fc36f7751f95b32e5e63027a5d6515ee8317d77c8c3375d71657ac4d821fcd450d99899286ec92234d934bb3e9637142bd481ff0e105e1
SSDEEP

384:tGx04wzHycMnzWHr5r9Vc5lxr8gPkijToDeYBWX2SENkNSflyzDrmElW:UxHc0Im/8m9TMe+WGFUSflyyEY

Score

7^/10

Malware Config

Targets

- Target
  
  31207da839ead8fbe883e6ad7b6a816bab5928813878fcd184d6df4d9895b686
- Size
  
  31KB
- MD5
  
  e69efc283c06e8141a705546b8cfba99
- SHA1
  
  f886341d050d59b39d435c222071268d628308bd
- SHA256
  
  31207da839ead8fbe883e6ad7b6a816bab5928813878fcd184d6df4d9895b686
- SHA512
  
  f11d4305a7ee7afee3fc36f7751f95b32e5e63027a5d6515ee8317d77c8c3375d71657ac4d821fcd450d99899286ec92234d934bb3e9637142bd481ff0e105e1
- SSDEEP
  
  384:tGx04wzHycMnzWHr5r9Vc5lxr8gPkijToDeYBWX2SENkNSflyzDrmElW:UxHc0Im/8m9TMe+WGFUSflyyEY
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2