40a1d8f01d8fec4f5f5f792f5eac6dafef06000d449945f35d5dae42cfc42cf1 | Triage

Sharing

General

Target

40a1d8f01d8fec4f5f5f792f5eac6dafef06000d449945f35d5dae42cfc42cf1
Size

224KB
Sample

240522-zq23nsgd74
MD5

c764103970ce96b53fe978f89fbc5da8
SHA1

fda794f98be309c4392bf734f7e1e0b5e637287f
SHA256

40a1d8f01d8fec4f5f5f792f5eac6dafef06000d449945f35d5dae42cfc42cf1
SHA512

a969c1e8b7bb6d2150220618e7059e9db82876a12e5c9c6c583ae07989b2fe7ae3fab70927fcacc49497530ad7f1c6d43b68235c7f497d00fc9ab6d827923e98
SSDEEP

3072:G97KNJfPcgnhCjG8G3GbGVGBGfGuGxGWYcrf6Kad0:G9mNmKAYcD6Kad

Score

7^/10

Malware Config

Targets

- Target
  
  40a1d8f01d8fec4f5f5f792f5eac6dafef06000d449945f35d5dae42cfc42cf1
- Size
  
  224KB
- MD5
  
  c764103970ce96b53fe978f89fbc5da8
- SHA1
  
  fda794f98be309c4392bf734f7e1e0b5e637287f
- SHA256
  
  40a1d8f01d8fec4f5f5f792f5eac6dafef06000d449945f35d5dae42cfc42cf1
- SHA512
  
  a969c1e8b7bb6d2150220618e7059e9db82876a12e5c9c6c583ae07989b2fe7ae3fab70927fcacc49497530ad7f1c6d43b68235c7f497d00fc9ab6d827923e98
- SSDEEP
  
  3072:G97KNJfPcgnhCjG8G3GbGVGBGfGuGxGWYcrf6Kad0:G9mNmKAYcD6Kad
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2