674af022380eb406803062ef85f63d3dfc8a092dc1e09d8e738690008f9ed921 | Triage

Sharing

General

Target

674af022380eb406803062ef85f63d3dfc8a092dc1e09d8e738690008f9ed921
Size

10.3MB
Sample

240523-1yywnaaf34
MD5

9f4e4a1d6398cd8a1432e363f7e44fb7
SHA1

d7be4673d3736d3db2ac21a55e71c5aa7be76347
SHA256

674af022380eb406803062ef85f63d3dfc8a092dc1e09d8e738690008f9ed921
SHA512

c207717dd5f53643f23d54a6a7a94aa5ff0424c4aa39482e03760f6c513ae0a40cac0b4550ecae3b269c68f8c43a6adb4f05ff14632dfe2b10b99c396f96b84d
SSDEEP

196608:QPF+VF8UYqsBmiFm4CTqfG+vTiwnDmNQkJM8uDIYnKOix6:CF+P8UD4F3e+biSDcQwM8uDuq

Score

7^/10

Malware Config

Targets

- Target
  
  674af022380eb406803062ef85f63d3dfc8a092dc1e09d8e738690008f9ed921
- Size
  
  10.3MB
- MD5
  
  9f4e4a1d6398cd8a1432e363f7e44fb7
- SHA1
  
  d7be4673d3736d3db2ac21a55e71c5aa7be76347
- SHA256
  
  674af022380eb406803062ef85f63d3dfc8a092dc1e09d8e738690008f9ed921
- SHA512
  
  c207717dd5f53643f23d54a6a7a94aa5ff0424c4aa39482e03760f6c513ae0a40cac0b4550ecae3b269c68f8c43a6adb4f05ff14632dfe2b10b99c396f96b84d
- SSDEEP
  
  196608:QPF+VF8UYqsBmiFm4CTqfG+vTiwnDmNQkJM8uDIYnKOix6:CF+P8UD4F3e+biSDcQwM8uDuq
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2