b8d96793563a92e2f42886a43ae767280308451c435fc27838b50437676bacf4 | Triage

Sharing

General

Target

winzip28.exe
Size

2.8MB
Sample

240501-yaerrsef5s
MD5

d7c6ccf487978c2eab86dae39ff98c5b
SHA1

2a045647b18fe9529952f0459b0daaea6c1f65b3
SHA256

b8d96793563a92e2f42886a43ae767280308451c435fc27838b50437676bacf4
SHA512

ddbe28d900cb989dac64add8b99f5488c702153aeeb527283d1618f905ab6b0a26c56a61a62100cb6afdee3297b69a99e83769eb3177a91df661298551042116
SSDEEP

49152:l9vgPi4Lp+1+zV9c9S7J5/iR7B/3blLYSNVMaxY3Y9fkHu+bHqAz:fbCpEYV9uSF5/mt/Ll5xY3gkHu+bH1z

Score

7^/10

Malware Config

Targets

- Target
  
  winzip28.exe
- Size
  
  2.8MB
- MD5
  
  d7c6ccf487978c2eab86dae39ff98c5b
- SHA1
  
  2a045647b18fe9529952f0459b0daaea6c1f65b3
- SHA256
  
  b8d96793563a92e2f42886a43ae767280308451c435fc27838b50437676bacf4
- SHA512
  
  ddbe28d900cb989dac64add8b99f5488c702153aeeb527283d1618f905ab6b0a26c56a61a62100cb6afdee3297b69a99e83769eb3177a91df661298551042116
- SSDEEP
  
  49152:l9vgPi4Lp+1+zV9c9S7J5/iR7B/3blLYSNVMaxY3Y9fkHu+bHqAz:fbCpEYV9uSF5/mt/Ll5xY3gkHu+bH1z
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1