0ff316be7ca4305f2cf15806842b005388f878765270f42e39712b57281159d0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ff316be7ca4305f2cf15806842b005388f878765270f42e39712b57281159d0
Size

47KB
Sample

240519-xemshacd6s
MD5

b85e6003d4106b182ba7a844a3a4a8f2
SHA1

161a78af43f31dff9848f4f3e6a0990bd2c23980
SHA256

0ff316be7ca4305f2cf15806842b005388f878765270f42e39712b57281159d0
SHA512

f1cc6579bb1bf1fe45ab089a8c4581b2b08669a5cd653f1fefa389b69a6c93033c7d1df6d1318c352bb9326918db1c44796e5dcd7580579a6dcc57b549818418
SSDEEP

768:osJX+vzlGKec5+RZDKzepeNPmG6JX6UOFwk1023dY/ToBHuARL:osJElGKecg/DcepeNPmG6JX1yXtBBOSL

Score

7^/10

Malware Config

Targets

- Target
  
  0ff316be7ca4305f2cf15806842b005388f878765270f42e39712b57281159d0
- Size
  
  47KB
- MD5
  
  b85e6003d4106b182ba7a844a3a4a8f2
- SHA1
  
  161a78af43f31dff9848f4f3e6a0990bd2c23980
- SHA256
  
  0ff316be7ca4305f2cf15806842b005388f878765270f42e39712b57281159d0
- SHA512
  
  f1cc6579bb1bf1fe45ab089a8c4581b2b08669a5cd653f1fefa389b69a6c93033c7d1df6d1318c352bb9326918db1c44796e5dcd7580579a6dcc57b549818418
- SSDEEP
  
  768:osJX+vzlGKec5+RZDKzepeNPmG6JX6UOFwk1023dY/ToBHuARL:osJElGKecg/DcepeNPmG6JX1yXtBBOSL
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2