290aa0012a700a049e72cd5bf3f89819637fcae59d4b1273c0da05e5511c74bb | Triage

Sharing

General

Target

290aa0012a700a049e72cd5bf3f89819637fcae59d4b1273c0da05e5511c74bb
Size

23KB
Sample

240503-yln5ksea5v
MD5

2bbd6ca5c0f3618188bc311db9348775
SHA1

421ea74fdb810235a4135f72f9386216486a813b
SHA256

290aa0012a700a049e72cd5bf3f89819637fcae59d4b1273c0da05e5511c74bb
SHA512

e2164b9bf79e7d5e7eb7d47e84dad5ae984a91f6bb3e3dfaf6ce5b646d6c7e8de149b69d58a53d27c53c351e215fc93eef63c0b86c54ed1ae2560efc3d4fa7db
SSDEEP

384:WOw2RGQfMSF+Exwp/eCSPJSQTebw/lpdQbSQ/RUfCiSJHX/6nT:WOZRGQftFaGPMQTep2/ChPAT

Score

7^/10

Malware Config

Targets

- Target
  
  290aa0012a700a049e72cd5bf3f89819637fcae59d4b1273c0da05e5511c74bb
- Size
  
  23KB
- MD5
  
  2bbd6ca5c0f3618188bc311db9348775
- SHA1
  
  421ea74fdb810235a4135f72f9386216486a813b
- SHA256
  
  290aa0012a700a049e72cd5bf3f89819637fcae59d4b1273c0da05e5511c74bb
- SHA512
  
  e2164b9bf79e7d5e7eb7d47e84dad5ae984a91f6bb3e3dfaf6ce5b646d6c7e8de149b69d58a53d27c53c351e215fc93eef63c0b86c54ed1ae2560efc3d4fa7db
- SSDEEP
  
  384:WOw2RGQfMSF+Exwp/eCSPJSQTebw/lpdQbSQ/RUfCiSJHX/6nT:WOZRGQftFaGPMQTep2/ChPAT
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2