58c9a81f103a38283dfd69749c0d1886dc9dfde5f633ec4b2a8f57f939c38f05 | Triage

Sharing

General

Target

58c9a81f103a38283dfd69749c0d1886dc9dfde5f633ec4b2a8f57f939c38f05
Size

447KB
Sample

240428-1a5pasaa2s
MD5

6c174ad268701e2f55a6f94cddd36c66
SHA1

0fd8066ac8df6df126edc04fa8af26164267b303
SHA256

58c9a81f103a38283dfd69749c0d1886dc9dfde5f633ec4b2a8f57f939c38f05
SHA512

e27700946caa3cbefe1186df35556dbf7d62cf1d0bd3a017ffe5748eee462a2b1b4cca35b169ff225e5e59ecba06edc60084db495c9bc27a680a44b422b96e12
SSDEEP

12288:QT6SZhP46SCTbSwgS1IaPRJbDh4i0vm4OsKN5sTuGZ0:QThhP46SCTbSwgS1IaPRJbDh4i0vm4OJ

Score

7^/10

Malware Config

Targets

- Target
  
  58c9a81f103a38283dfd69749c0d1886dc9dfde5f633ec4b2a8f57f939c38f05
- Size
  
  447KB
- MD5
  
  6c174ad268701e2f55a6f94cddd36c66
- SHA1
  
  0fd8066ac8df6df126edc04fa8af26164267b303
- SHA256
  
  58c9a81f103a38283dfd69749c0d1886dc9dfde5f633ec4b2a8f57f939c38f05
- SHA512
  
  e27700946caa3cbefe1186df35556dbf7d62cf1d0bd3a017ffe5748eee462a2b1b4cca35b169ff225e5e59ecba06edc60084db495c9bc27a680a44b422b96e12
- SSDEEP
  
  12288:QT6SZhP46SCTbSwgS1IaPRJbDh4i0vm4OsKN5sTuGZ0:QThhP46SCTbSwgS1IaPRJbDh4i0vm4OJ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2