6b3f1414d14cda0b582420ffe7f1484356882fcc21e7fb1a19ab86008ca57b70 | Triage

Sharing

General

Target

SecuriteInfo.com.not-a-virus.HEUR.WebToolbar.Win32.Olaunch.gen.31359.22854
Size

3.2MB
Sample

240523-b7gajahb91
MD5

2d083e880e7dc3554f2561bcf21cd23d
SHA1

8aa9e9f69636a354722cf7e3fc391e9a510e19c9
SHA256

6b3f1414d14cda0b582420ffe7f1484356882fcc21e7fb1a19ab86008ca57b70
SHA512

7a390b76401823cef95dcab3a2c6ae21fc958f3a1dbb7384183ee4cd2698debf37a7c4802b8a56ae62a5c6924c3cb6b99d4cb4e07453633622d807e43d361379
SSDEEP

49152:zqe3f6Rz4O5RLa6I8SwvMHDB+q0gabxS5xru87+DjqVX5rIJwI2J5PiH7nBGtm:uSiRz4iRPsA9f85xSLjgJLTiH7BUm

Score

6^/10

Malware Config

Targets

- Target
  
  SecuriteInfo.com.not-a-virus.HEUR.WebToolbar.Win32.Olaunch.gen.31359.22854
- Size
  
  3.2MB
- MD5
  
  2d083e880e7dc3554f2561bcf21cd23d
- SHA1
  
  8aa9e9f69636a354722cf7e3fc391e9a510e19c9
- SHA256
  
  6b3f1414d14cda0b582420ffe7f1484356882fcc21e7fb1a19ab86008ca57b70
- SHA512
  
  7a390b76401823cef95dcab3a2c6ae21fc958f3a1dbb7384183ee4cd2698debf37a7c4802b8a56ae62a5c6924c3cb6b99d4cb4e07453633622d807e43d361379
- SSDEEP
  
  49152:zqe3f6Rz4O5RLa6I8SwvMHDB+q0gabxS5xru87+DjqVX5rIJwI2J5PiH7nBGtm:uSiRz4iRPsA9f85xSLjgJLTiH7BUm
Score

6^/10
- Downloads MZ/PE file
- Legitimate hosting services abused for malware hosting/C2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2