04ab55c8ba124e2e05e7144050d2dbfeabe0d1d2a72e23338088461aaff20251 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04ab55c8ba124e2e05e7144050d2dbfeabe0d1d2a72e23338088461aaff20251
Size

1.1MB
Sample

240517-y3bktaha8w
MD5

df50218007332c5d6d49f16bdcae4fa2
SHA1

be881b7ca19f6442e74e790233154f6c8688ce88
SHA256

04ab55c8ba124e2e05e7144050d2dbfeabe0d1d2a72e23338088461aaff20251
SHA512

060ef08e95bb55f3db9a6f777987c50d539af47bd3f987283fc34aa7088fc94903828afbe928bb4dc87f940333d32b7bc2dfd15e6f043e7ef77b4e3a94e9c024
SSDEEP

24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Q6:CcaClSFlG4ZM7QzM5

Score

7^/10

Malware Config

Targets

- Target
  
  04ab55c8ba124e2e05e7144050d2dbfeabe0d1d2a72e23338088461aaff20251
- Size
  
  1.1MB
- MD5
  
  df50218007332c5d6d49f16bdcae4fa2
- SHA1
  
  be881b7ca19f6442e74e790233154f6c8688ce88
- SHA256
  
  04ab55c8ba124e2e05e7144050d2dbfeabe0d1d2a72e23338088461aaff20251
- SHA512
  
  060ef08e95bb55f3db9a6f777987c50d539af47bd3f987283fc34aa7088fc94903828afbe928bb4dc87f940333d32b7bc2dfd15e6f043e7ef77b4e3a94e9c024
- SSDEEP
  
  24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Q6:CcaClSFlG4ZM7QzM5
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2