074560d25f56fc7b25a9a70dc0a4ff67ce939fd2d5dc4e140bab3867b09299c9 | Triage

Sharing

General

Target

074560d25f56fc7b25a9a70dc0a4ff67ce939fd2d5dc4e140bab3867b09299c9
Size

154KB
Sample

240422-w42saaee72
MD5

61e342518329807084c89d7ed8d07daa
SHA1

346e70b102411d3326d0cc97b88e4ba1f4a1ce83
SHA256

074560d25f56fc7b25a9a70dc0a4ff67ce939fd2d5dc4e140bab3867b09299c9
SHA512

7a32947210d140ea9dcd1583d8146679f73a81b37c594ad09673b3b2f133dc1ec7d646db1c75a7bce0c0cc4f3b830b4ec330a0aee13f3c839f9f4f3fbaeb02ce
SSDEEP

3072:CBAp5XhKpN4eOyVTGfhEClj8jTk+0hAF8f3kDA5UaMg6:RbXE9OiTGfhEClq9FGvkDww

Score

8^/10

Malware Config

Targets

- Target
  
  074560d25f56fc7b25a9a70dc0a4ff67ce939fd2d5dc4e140bab3867b09299c9
- Size
  
  154KB
- MD5
  
  61e342518329807084c89d7ed8d07daa
- SHA1
  
  346e70b102411d3326d0cc97b88e4ba1f4a1ce83
- SHA256
  
  074560d25f56fc7b25a9a70dc0a4ff67ce939fd2d5dc4e140bab3867b09299c9
- SHA512
  
  7a32947210d140ea9dcd1583d8146679f73a81b37c594ad09673b3b2f133dc1ec7d646db1c75a7bce0c0cc4f3b830b4ec330a0aee13f3c839f9f4f3fbaeb02ce
- SSDEEP
  
  3072:CBAp5XhKpN4eOyVTGfhEClj8jTk+0hAF8f3kDA5UaMg6:RbXE9OiTGfhEClq9FGvkDww
Score

8^/10
- Blocklisted process makes network request
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2