56b2fe15b0f76b83976dbf39915c67cb1b2df145e42761c78460b07a39f8f117 | Triage

Sharing

General

Target

22052024_0222_dial.lnk
Size

2KB
Sample

240522-ctm2lahd9v
MD5

1e301de5080d0dd3a435c365e154b91f
SHA1

f57b355ab36589585a133826a50f5cfcf22102c1
SHA256

56b2fe15b0f76b83976dbf39915c67cb1b2df145e42761c78460b07a39f8f117
SHA512

2bec4d153106ea2b7c73274fff1fde531b13fab6c1cbca370c01bd3439e6b0bb495391da360d55fc41d277e6dc552f2690b77576af3315b617c52dc89248ab27

Score

8^/10

execution

Malware Config

Targets

- Target
  
  22052024_0222_dial.lnk
- Size
  
  2KB
- MD5
  
  1e301de5080d0dd3a435c365e154b91f
- SHA1
  
  f57b355ab36589585a133826a50f5cfcf22102c1
- SHA256
  
  56b2fe15b0f76b83976dbf39915c67cb1b2df145e42761c78460b07a39f8f117
- SHA512
  
  2bec4d153106ea2b7c73274fff1fde531b13fab6c1cbca370c01bd3439e6b0bb495391da360d55fc41d277e6dc552f2690b77576af3315b617c52dc89248ab27
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2