a79326422c4adeb66935beb69e4ccf575eb3c7091bc26ed3617b398549003e09 | Triage

Sharing

General

Target

ZipQueens.exe
Size

3.0MB
Sample

240423-zevt8abf89
MD5

c6569ab91e2c670e268908604c9117eb
SHA1

442eb9b590a502ab967283bcefb2cf1c246f165a
SHA256

a79326422c4adeb66935beb69e4ccf575eb3c7091bc26ed3617b398549003e09
SHA512

2397967170c7d73e121233518dd31d29bb8c2f21af2c74c362bf0dc5c1405b1dd173059b4e696902b2e64be342d4e56c16ba7a3d69dfa08a364620376913b484
SSDEEP

49152:JM7Yh3k3h4u3jGpIpp9R9rWY/zypyAxD37/+TIgjTt/77bpvl+SgRb:cYh04u3qpIppf9vupd+TI6t/771vl+S8

Score

7^/10

Malware Config

Targets

- Target
  
  ZipQueens.exe
- Size
  
  3.0MB
- MD5
  
  c6569ab91e2c670e268908604c9117eb
- SHA1
  
  442eb9b590a502ab967283bcefb2cf1c246f165a
- SHA256
  
  a79326422c4adeb66935beb69e4ccf575eb3c7091bc26ed3617b398549003e09
- SHA512
  
  2397967170c7d73e121233518dd31d29bb8c2f21af2c74c362bf0dc5c1405b1dd173059b4e696902b2e64be342d4e56c16ba7a3d69dfa08a364620376913b484
- SSDEEP
  
  49152:JM7Yh3k3h4u3jGpIpp9R9rWY/zypyAxD37/+TIgjTt/77bpvl+SgRb:cYh04u3qpIppf9vupd+TI6t/771vl+S8
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2