a2659a522094cb64223129269b8f9e41df27630f68dbcaf4867022fc6340db66 | Triage

Sharing

General

Target

a2659a522094cb64223129269b8f9e41df27630f68dbcaf4867022fc6340db66
Size

529KB
Sample

240425-br74bacg73
MD5

4867223ee97095cbc7556370b3cddad0
SHA1

f0ec09d9ef492ed2de6bb5ce67098810bf60e6e5
SHA256

a2659a522094cb64223129269b8f9e41df27630f68dbcaf4867022fc6340db66
SHA512

5439ebe274608a7377c80e947d822a178d438579500cfec96b319ace0cb02aac2231f1798c0947cbf3a7d96d9a0e87994b01505586b6034a6d6c63d2feb4d13e
SSDEEP

3072:4Cao5s1x1Pkl0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxU:4qal8l0xPTMiR9JSSxPUKYGdodHF

Score

7^/10

Malware Config

Targets

- Target
  
  a2659a522094cb64223129269b8f9e41df27630f68dbcaf4867022fc6340db66
- Size
  
  529KB
- MD5
  
  4867223ee97095cbc7556370b3cddad0
- SHA1
  
  f0ec09d9ef492ed2de6bb5ce67098810bf60e6e5
- SHA256
  
  a2659a522094cb64223129269b8f9e41df27630f68dbcaf4867022fc6340db66
- SHA512
  
  5439ebe274608a7377c80e947d822a178d438579500cfec96b319ace0cb02aac2231f1798c0947cbf3a7d96d9a0e87994b01505586b6034a6d6c63d2feb4d13e
- SSDEEP
  
  3072:4Cao5s1x1Pkl0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxU:4qal8l0xPTMiR9JSSxPUKYGdodHF
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2