31025ee3c26b0aea4bbd6da1d7df19ae7f042aba0292ff1188796faa5cfe4da7 | Triage

Sharing

General

Target

31025ee3c26b0aea4bbd6da1d7df19ae7f042aba0292ff1188796faa5cfe4da7
Size

5KB
Sample

240525-yyh44agg6t
MD5

5e9f7b91b6abff657193bf4d1d2ff51d
SHA1

6141a95165876c4e8a093a8363f84e08785bd31c
SHA256

31025ee3c26b0aea4bbd6da1d7df19ae7f042aba0292ff1188796faa5cfe4da7
SHA512

6a721d70fac37d1365a77e91fb910cac061de1ee243b773f4892e8ba7a1f2ba98cdb67b71a23cf57bd6cc8010fec49c150805414405035a5c268c33be87895b0
SSDEEP

48:qao9qAmcRB/G9uorpaSmjce1rsHB/VnC/RAxUh2CS70ALNx:6rhLa/+uHnnwR2Uh2ClAhx

Score

7^/10

Malware Config

Targets

- Target
  
  31025ee3c26b0aea4bbd6da1d7df19ae7f042aba0292ff1188796faa5cfe4da7
- Size
  
  5KB
- MD5
  
  5e9f7b91b6abff657193bf4d1d2ff51d
- SHA1
  
  6141a95165876c4e8a093a8363f84e08785bd31c
- SHA256
  
  31025ee3c26b0aea4bbd6da1d7df19ae7f042aba0292ff1188796faa5cfe4da7
- SHA512
  
  6a721d70fac37d1365a77e91fb910cac061de1ee243b773f4892e8ba7a1f2ba98cdb67b71a23cf57bd6cc8010fec49c150805414405035a5c268c33be87895b0
- SSDEEP
  
  48:qao9qAmcRB/G9uorpaSmjce1rsHB/VnC/RAxUh2CS70ALNx:6rhLa/+uHnnwR2Uh2ClAhx
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2