fce35b1d5d26f825d68c2b3146e3bd9c349ed598b802bbe5cf019205577eaa99 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fce35b1d5d26f825d68c2b3146e3bd9c349ed598b802bbe5cf019205577eaa99
Size

479KB
Sample

240502-gl741saf4x
MD5

1dec67305597217b0ea9634258650444
SHA1

5d42fc0034ecbc95c8a66828e16dfd90755c0e65
SHA256

fce35b1d5d26f825d68c2b3146e3bd9c349ed598b802bbe5cf019205577eaa99
SHA512

fb6a0adfb484a165b20d6b7cd02fd4c1043e2495a1a17e740598481d4189c4e9b004d2649ea5394003fb0a8e5589ad6d47a1171b2d2c0c34dbee8073d1218303
SSDEEP

12288:tA+AUTpldpbKSb8l52Qyvj5yMUaSv/DLO4A37z3wa362UnNuI55JPB0b+V:tA+AUTpldpbba5kv8MUaSzLO/3PwfNN/

Score

7^/10

Malware Config

Targets

- Target
  
  fce35b1d5d26f825d68c2b3146e3bd9c349ed598b802bbe5cf019205577eaa99
- Size
  
  479KB
- MD5
  
  1dec67305597217b0ea9634258650444
- SHA1
  
  5d42fc0034ecbc95c8a66828e16dfd90755c0e65
- SHA256
  
  fce35b1d5d26f825d68c2b3146e3bd9c349ed598b802bbe5cf019205577eaa99
- SHA512
  
  fb6a0adfb484a165b20d6b7cd02fd4c1043e2495a1a17e740598481d4189c4e9b004d2649ea5394003fb0a8e5589ad6d47a1171b2d2c0c34dbee8073d1218303
- SSDEEP
  
  12288:tA+AUTpldpbKSb8l52Qyvj5yMUaSv/DLO4A37z3wa362UnNuI55JPB0b+V:tA+AUTpldpbba5kv8MUaSzLO/3PwfNN/
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2