641cf8b6583f0020d19b9048a3a436ad2492104d10753bd7a134bd03a10e7d9d | Triage

Sharing

General

Target

641cf8b6583f0020d19b9048a3a436ad2492104d10753bd7a134bd03a10e7d9d.exe
Size

34KB
Sample

240523-a1lq1afa8v
MD5

19cfc6f8576e76c5d006f6c821ade6b0
SHA1

28ecb7e0cf915161165b5a734415dd5c183638f7
SHA256

641cf8b6583f0020d19b9048a3a436ad2492104d10753bd7a134bd03a10e7d9d
SHA512

e22e15f5e5b3b025288c2e730499490e53268c728160851b39f736a14ec95b533828d326e93a58c3ee4a2b260da5920c6b2af1ace8c9a2de410114f6bd9e6028
SSDEEP

384:MApc8m4e0fvQak4JI341CUuabnkIU0Sqyz0pXwSScreDj:MApQr0fvdFJI34hnTkIU0CztSlreDj

Score

7^/10

Malware Config

Targets

- Target
  
  641cf8b6583f0020d19b9048a3a436ad2492104d10753bd7a134bd03a10e7d9d.exe
- Size
  
  34KB
- MD5
  
  19cfc6f8576e76c5d006f6c821ade6b0
- SHA1
  
  28ecb7e0cf915161165b5a734415dd5c183638f7
- SHA256
  
  641cf8b6583f0020d19b9048a3a436ad2492104d10753bd7a134bd03a10e7d9d
- SHA512
  
  e22e15f5e5b3b025288c2e730499490e53268c728160851b39f736a14ec95b533828d326e93a58c3ee4a2b260da5920c6b2af1ace8c9a2de410114f6bd9e6028
- SSDEEP
  
  384:MApc8m4e0fvQak4JI341CUuabnkIU0Sqyz0pXwSScreDj:MApQr0fvdFJI34hnTkIU0CztSlreDj
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2