d0ce871abf7183654c5f502449280f26397d5116ae6f35ef699667d0fd5f24df | Triage

Sharing

General

Target

d0ce871abf7183654c5f502449280f26397d5116ae6f35ef699667d0fd5f24df
Size

1.8MB
Sample

240523-lccnzabh2y
MD5

125c54d00348cac0a181e0996ae78432
SHA1

8888c98594a66fc4c675455286a34149bcc47495
SHA256

d0ce871abf7183654c5f502449280f26397d5116ae6f35ef699667d0fd5f24df
SHA512

5b298cb266a4fdefeed507b7abbcd2a03b45e68b954732402b36d8550530e1e9fc2c32e445d06c2dc7ddc56657f5ee9e89dbc34461d01a134303e71bb82c2501
SSDEEP

49152:NuWuKv4E11ykEQ7+HxYaP5VIc/r6bM4dYk0:NuWuux1o5Q7+HX5Vd/MdYR

Score

7^/10

Malware Config

Targets

- Target
  
  d0ce871abf7183654c5f502449280f26397d5116ae6f35ef699667d0fd5f24df
- Size
  
  1.8MB
- MD5
  
  125c54d00348cac0a181e0996ae78432
- SHA1
  
  8888c98594a66fc4c675455286a34149bcc47495
- SHA256
  
  d0ce871abf7183654c5f502449280f26397d5116ae6f35ef699667d0fd5f24df
- SHA512
  
  5b298cb266a4fdefeed507b7abbcd2a03b45e68b954732402b36d8550530e1e9fc2c32e445d06c2dc7ddc56657f5ee9e89dbc34461d01a134303e71bb82c2501
- SSDEEP
  
  49152:NuWuKv4E11ykEQ7+HxYaP5VIc/r6bM4dYk0:NuWuux1o5Q7+HX5Vd/MdYR
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2