146dab14c3af68da73cba94c45cb7f8a7fe52bf740816b476a74ced8d5102d8b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

146dab14c3af68da73cba94c45cb7f8a7fe52bf740816b476a74ced8d5102d8b
Size

30KB
Sample

240430-xzyqhaga26
MD5

28ee1380c2c788e8f450fb76a143a282
SHA1

37fb8550abcefe04a37c3a18ee63e9f2fc75940a
SHA256

146dab14c3af68da73cba94c45cb7f8a7fe52bf740816b476a74ced8d5102d8b
SHA512

2414832b9ecaff40c246472cfc6677411b7898eafa50e956ab5727ab2be5a61af5261f93b0f640227b183b6d2edccbdc76fcb043405ec0d32489f1b20ef31988
SSDEEP

192:KlApk98m4e0/IDJh/5ZQcvoyne4t/PQ3Pw1C0SluWbiWBNEckcVhJriENs:MApc8m4e0GvQak4JI341C0abnk6hJPS

Score

7^/10

Malware Config

Targets

- Target
  
  146dab14c3af68da73cba94c45cb7f8a7fe52bf740816b476a74ced8d5102d8b
- Size
  
  30KB
- MD5
  
  28ee1380c2c788e8f450fb76a143a282
- SHA1
  
  37fb8550abcefe04a37c3a18ee63e9f2fc75940a
- SHA256
  
  146dab14c3af68da73cba94c45cb7f8a7fe52bf740816b476a74ced8d5102d8b
- SHA512
  
  2414832b9ecaff40c246472cfc6677411b7898eafa50e956ab5727ab2be5a61af5261f93b0f640227b183b6d2edccbdc76fcb043405ec0d32489f1b20ef31988
- SSDEEP
  
  192:KlApk98m4e0/IDJh/5ZQcvoyne4t/PQ3Pw1C0SluWbiWBNEckcVhJriENs:MApc8m4e0GvQak4JI341C0abnk6hJPS
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2