93ea3caa5e2b6ed8f1da347829664d1e4ec7ad2def94791b2ffdac2c526df48a | Triage

Sharing

General

Target

93ea3caa5e2b6ed8f1da347829664d1e4ec7ad2def94791b2ffdac2c526df48a
Size

93KB
Sample

240529-adrczaba74
MD5

565f6ac5f84bc7f85552f9235e6f6c6d
SHA1

e36f88ed23ba029715f73743667db83cc56d3cc2
SHA256

93ea3caa5e2b6ed8f1da347829664d1e4ec7ad2def94791b2ffdac2c526df48a
SHA512

ac12e1eabdd017fc337cda3e33b3adb6a38bc768ee6238811b763d49ee2d3e36d9479f1be412944542d95c7406e194f0d4bc511c3a9fbe565a085363f29f3ad5
SSDEEP

1536:xch3vwSbax3rHV6+HwsWGhG5JiBzQmVvHz:BHTrhWiBzQK

Score

7^/10

Malware Config

Targets

- Target
  
  93ea3caa5e2b6ed8f1da347829664d1e4ec7ad2def94791b2ffdac2c526df48a
- Size
  
  93KB
- MD5
  
  565f6ac5f84bc7f85552f9235e6f6c6d
- SHA1
  
  e36f88ed23ba029715f73743667db83cc56d3cc2
- SHA256
  
  93ea3caa5e2b6ed8f1da347829664d1e4ec7ad2def94791b2ffdac2c526df48a
- SHA512
  
  ac12e1eabdd017fc337cda3e33b3adb6a38bc768ee6238811b763d49ee2d3e36d9479f1be412944542d95c7406e194f0d4bc511c3a9fbe565a085363f29f3ad5
- SSDEEP
  
  1536:xch3vwSbax3rHV6+HwsWGhG5JiBzQmVvHz:BHTrhWiBzQK
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2