48a832bb1ec921fe8e1da229a630cf8cbff9c06115cd0dbff9f61f1034b292c8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48a832bb1ec921fe8e1da229a630cf8cbff9c06115cd0dbff9f61f1034b292c8
Size

362KB
Sample

240504-2w1sxahe32
MD5

9742e90c2bfcf24f8ad7250fcc0ab4bc
SHA1

ecd8ec24c1217891d80d94391a82512da784eaa2
SHA256

48a832bb1ec921fe8e1da229a630cf8cbff9c06115cd0dbff9f61f1034b292c8
SHA512

7d98539ab86e27743f73d22100549c6d2a633fc3a4ca6f45f89a1c8bb931f90bfb680eb96ace24197f45b5309bc56d5bf809d406d95aa41d26e2a1e1e8b5ee56
SSDEEP

6144:pYFoSUDxyFkhKSZI4zLVSVp3ys9ceiItgAf:aeJVWcKSZhnVep3ys37tgAf

Score

7^/10

Malware Config

Targets

- Target
  
  48a832bb1ec921fe8e1da229a630cf8cbff9c06115cd0dbff9f61f1034b292c8
- Size
  
  362KB
- MD5
  
  9742e90c2bfcf24f8ad7250fcc0ab4bc
- SHA1
  
  ecd8ec24c1217891d80d94391a82512da784eaa2
- SHA256
  
  48a832bb1ec921fe8e1da229a630cf8cbff9c06115cd0dbff9f61f1034b292c8
- SHA512
  
  7d98539ab86e27743f73d22100549c6d2a633fc3a4ca6f45f89a1c8bb931f90bfb680eb96ace24197f45b5309bc56d5bf809d406d95aa41d26e2a1e1e8b5ee56
- SSDEEP
  
  6144:pYFoSUDxyFkhKSZI4zLVSVp3ys9ceiItgAf:aeJVWcKSZhnVep3ys37tgAf
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2