73db3988aa7d3e80b58904d02cf93ba7f4bde1259a4951d4a8772fc5f8dc1fa8 | Triage

Sharing

General

Target

73db3988aa7d3e80b58904d02cf93ba7f4bde1259a4951d4a8772fc5f8dc1fa8
Size

539KB
Sample

240429-2z5k9sdb58
MD5

a27d8c4859e533a56552b9a62f83c182
SHA1

f384b311cd7e77d94383850bd8c051f8b8546e6e
SHA256

73db3988aa7d3e80b58904d02cf93ba7f4bde1259a4951d4a8772fc5f8dc1fa8
SHA512

c4b3ffcc05364044fad4376fba6ae4ce0b6b823763185ab7d81f95cda8fb24178230dbd90f7906dcc5ffe7a057d460be549005db113b624447f1f6bcebaf5659
SSDEEP

3072:wCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAx3:wqDAwl0xPTMiR9JSSxPUKYGdodHA

Score

7^/10

Malware Config

Targets

- Target
  
  73db3988aa7d3e80b58904d02cf93ba7f4bde1259a4951d4a8772fc5f8dc1fa8
- Size
  
  539KB
- MD5
  
  a27d8c4859e533a56552b9a62f83c182
- SHA1
  
  f384b311cd7e77d94383850bd8c051f8b8546e6e
- SHA256
  
  73db3988aa7d3e80b58904d02cf93ba7f4bde1259a4951d4a8772fc5f8dc1fa8
- SHA512
  
  c4b3ffcc05364044fad4376fba6ae4ce0b6b823763185ab7d81f95cda8fb24178230dbd90f7906dcc5ffe7a057d460be549005db113b624447f1f6bcebaf5659
- SSDEEP
  
  3072:wCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAx3:wqDAwl0xPTMiR9JSSxPUKYGdodHA
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2