8166609f4ba9f7455935c6c8e5c611475e0c353f33e1ce3421cc1be36fc423b9 | Triage

Sharing

General

Target

LethalMenuAssistant.exe
Size

43.7MB
Sample

240427-zf5e2sfh98
MD5

cbc432478f11d142cc8064b61277419b
SHA1

e87596e97addf45fcecd4289ad2707df0176379b
SHA256

8166609f4ba9f7455935c6c8e5c611475e0c353f33e1ce3421cc1be36fc423b9
SHA512

629ff3551d25211dce6766778a7f71dffb377e83428db6dd1694d2e18a9839d430e48f611fbb022614984a2090ce0cfba0b2950b0f3ba74837e309387b9c1cfe
SSDEEP

49152:JZ3YfIchKUlPM2bq7mTv+iru13ojPJM7q3zskBFHjC2K4IeNcHQ4XwKLHHnq34jI:HeIcBa18Doq33

Score

7^/10

Malware Config

Targets

- Target
  
  LethalMenuAssistant.exe
- Size
  
  43.7MB
- MD5
  
  cbc432478f11d142cc8064b61277419b
- SHA1
  
  e87596e97addf45fcecd4289ad2707df0176379b
- SHA256
  
  8166609f4ba9f7455935c6c8e5c611475e0c353f33e1ce3421cc1be36fc423b9
- SHA512
  
  629ff3551d25211dce6766778a7f71dffb377e83428db6dd1694d2e18a9839d430e48f611fbb022614984a2090ce0cfba0b2950b0f3ba74837e309387b9c1cfe
- SSDEEP
  
  49152:JZ3YfIchKUlPM2bq7mTv+iru13ojPJM7q3zskBFHjC2K4IeNcHQ4XwKLHHnq34jI:HeIcBa18Doq33
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1