5d492ad3ed04099178123f0a141e09b03e1f3e0310da04bb04b886757f87d9f6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d492ad3ed04099178123f0a141e09b03e1f3e0310da04bb04b886757f87d9f6
Size

1.1MB
Sample

240505-gzwm5scg23
MD5

6d00844cbde8bdeef9c76779e6cd1bb8
SHA1

4fd1972ae6b9d15211b7c35f5f592bdb26ca1236
SHA256

5d492ad3ed04099178123f0a141e09b03e1f3e0310da04bb04b886757f87d9f6
SHA512

c5650e4d926ec4cd6d91131029dfb5b7b17b14a2f34edcfc39f210914d44b96a1edd726a39e26123f1538cb1919705385eb61ee9ba6b63d2f65a9621f729376a
SSDEEP

24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Qe:CcaClSFlG4ZM7QzMl

Score

7^/10

Malware Config

Targets

- Target
  
  5d492ad3ed04099178123f0a141e09b03e1f3e0310da04bb04b886757f87d9f6
- Size
  
  1.1MB
- MD5
  
  6d00844cbde8bdeef9c76779e6cd1bb8
- SHA1
  
  4fd1972ae6b9d15211b7c35f5f592bdb26ca1236
- SHA256
  
  5d492ad3ed04099178123f0a141e09b03e1f3e0310da04bb04b886757f87d9f6
- SHA512
  
  c5650e4d926ec4cd6d91131029dfb5b7b17b14a2f34edcfc39f210914d44b96a1edd726a39e26123f1538cb1919705385eb61ee9ba6b63d2f65a9621f729376a
- SSDEEP
  
  24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Qe:CcaClSFlG4ZM7QzMl
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2