fd95dc45cf923c4da431483d525b6bbb5dfd9effa0480b43c3f88600ba4bb3b9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

MalV4.zip
Size

458KB
Sample

240524-zzgs4abd26
MD5

d3cc5d8bba080d1c16435ed99f4cd909
SHA1

2f0c4f11b9bc733a05359bec121237372d30ddfe
SHA256

fd95dc45cf923c4da431483d525b6bbb5dfd9effa0480b43c3f88600ba4bb3b9
SHA512

7514d78a6d7891ad64dc0b153d847556d1d804d05a604936d817ad4fa2c699cd3403e84db7408a4e023aef25b222c9115dc1a57a394dcd04fe90be2a9b383ef6
SSDEEP

12288:IJMFgQ7QrR7gi0C8HDffkBcPWc2KhCBJQmbvL:ImGwQrJgi0DHDfyJ3Vwmf

Score

8^/10

Malware Config

Targets

- Target
  
  Updater.exe
- Size
  
  650KB
- MD5
  
  671ff50906c5ae9f5a2b41464b72e190
- SHA1
  
  6d42167266f41c75906b838aff16d2598d9a6e04
- SHA256
  
  fd10da817a3a8b8bd2f048faf73c0b9870bec1a7fcfffd891af0ddc8af835cc2
- SHA512
  
  9e7ae9a3e842d7cf62f64d459832d4c16c29e851e62b4c2a720069245531ed5172906aa18ed7750c1b40a54bc070f22db6d7656dc70d60962643f65133edcf8b
- SSDEEP
  
  12288:dzkEVU7nMnPGuMrEDWT44NNHpgs4C8H1fHkBcBWcGCbCXJQ+biZN:dz9VU7nMnPGuXXmNHpgs4DH1fqpdVq+Y
Score

8^/10
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2