a2713c9e7b2b5af410ccb1fc80afc4857357d8cb79a0150b8d27505792257047 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2713c9e7b2b5af410ccb1fc80afc4857357d8cb79a0150b8d27505792257047
Size

2.3MB
Sample

240429-nvhztahf68
MD5

81ad6e94b00d03feb9431ac8d3eddd0b
SHA1

c3be0ff6ca5d9b382c7ae210fcbe442f45556cf2
SHA256

a2713c9e7b2b5af410ccb1fc80afc4857357d8cb79a0150b8d27505792257047
SHA512

925e90b543002620f3813db5741d291302f4ca9ff47606a2611706306fd1ad697992db138b55a24d1cf1b55933c2ac5773aec544fd5a8ba1a28e63987b3612f3
SSDEEP

49152:HJCdwRNur3eXpBumxeembNmMuKr4BTzNF6FIKkmvyJDDwTiRsBwKsikaPNDM:HJC4Q3eveeiRn4BTRHKyJD6iRsCrRMy

Score

7^/10

Malware Config

Targets

- Target
  
  a2713c9e7b2b5af410ccb1fc80afc4857357d8cb79a0150b8d27505792257047
- Size
  
  2.3MB
- MD5
  
  81ad6e94b00d03feb9431ac8d3eddd0b
- SHA1
  
  c3be0ff6ca5d9b382c7ae210fcbe442f45556cf2
- SHA256
  
  a2713c9e7b2b5af410ccb1fc80afc4857357d8cb79a0150b8d27505792257047
- SHA512
  
  925e90b543002620f3813db5741d291302f4ca9ff47606a2611706306fd1ad697992db138b55a24d1cf1b55933c2ac5773aec544fd5a8ba1a28e63987b3612f3
- SSDEEP
  
  49152:HJCdwRNur3eXpBumxeembNmMuKr4BTzNF6FIKkmvyJDDwTiRsBwKsikaPNDM:HJC4Q3eveeiRn4BTRHKyJD6iRsCrRMy
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2