6c919a9c088f08d7a389799916ba28f6a9ca58a206c67e96b26a88ff07a64a80 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Expensive 3.1.rar
Size

1.5MB
Sample

240526-tpfv6acc7s
MD5

f87bbb2df3266622cce046a2ab797bdd
SHA1

08b5d3f05dd6cff2d5af06e6eef6d93b67afa7b6
SHA256

6c919a9c088f08d7a389799916ba28f6a9ca58a206c67e96b26a88ff07a64a80
SHA512

8a0368b9e3c4ada030a6fe184519eeea802f6ca75317c2687eb67cc1f0ede74ce7354827d38519361fbdc3e766a534667e6bd693222498ef940985bf692eb704
SSDEEP

24576:5MyspZrG6LicM1I/b9Ddf7dPf9dcWrwT7B1Nqbe8G/pvFMS1w1Rqmi8vV:MFFib1IZDxFY3ApwDcvV

Score

7^/10

Malware Config

Targets

- Target
  
  Expensive 3.1.exe
- Size
  
  1.6MB
- MD5
  
  a1259c1963487ab2d12a777ec7cd15a6
- SHA1
  
  deeb3f5fc82788f985311cc214762c0a8bd0bfef
- SHA256
  
  c4f2cf7648d862d6b50eacdf012cf18d3cbeaf22021562322db5fdfa1df9a079
- SHA512
  
  17e3e97936496db9e0d3cf2dc285413d338cfa29fe4b8f40ff2cb194a22fdb76420a590bf4c971419178f072ff882b5b49d87b104639ae693cee101ed9ee9aa3
- SSDEEP
  
  24576:Z5HZ3X3S4HPRC9voB3Dw3eoXQdJ28YLlp+vNW/xSEsw8xJjWwxN9FW:Z/X3bRCOB3Dw3ZAL+Bp+v9Esw8DXL9FW
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2