2695257d4bdbf56f979b486881cb3620c93cd7d7d2e0cf40d8d17be7a2f07d23 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

notion_win_x64.exe
Size

82.3MB
Sample

240603-fmbxjacc4w
MD5

771b3d466a16b1b7f9ea1a71b67dddc3
SHA1

77220ecdcdadd608c203421857c85fe5bdae38c0
SHA256

2695257d4bdbf56f979b486881cb3620c93cd7d7d2e0cf40d8d17be7a2f07d23
SHA512

d26c5c7388cf5216e5b6e3f7b25570aee95d0c7370b43fd3dd2cf139e696d49ea6878e0a93f6eda9a4c7ccf5ac7491e8108052432cc4897eb64d772bd190c09a
SSDEEP

1572864:9qtnsjkeRmlNb5XHvfgWkZKcZ1XY2F+xTqcjS3Y6WdtSuU8mjFeSnD6RK6Z:9qd9SmThHXpk3vI2Ivu3Y6W7SS4FeSne

Score

7^/10

Malware Config

Targets

- Target
  
  notion_win_x64.exe
- Size
  
  82.3MB
- MD5
  
  771b3d466a16b1b7f9ea1a71b67dddc3
- SHA1
  
  77220ecdcdadd608c203421857c85fe5bdae38c0
- SHA256
  
  2695257d4bdbf56f979b486881cb3620c93cd7d7d2e0cf40d8d17be7a2f07d23
- SHA512
  
  d26c5c7388cf5216e5b6e3f7b25570aee95d0c7370b43fd3dd2cf139e696d49ea6878e0a93f6eda9a4c7ccf5ac7491e8108052432cc4897eb64d772bd190c09a
- SSDEEP
  
  1572864:9qtnsjkeRmlNb5XHvfgWkZKcZ1XY2F+xTqcjS3Y6WdtSuU8mjFeSnD6RK6Z:9qd9SmThHXpk3vI2Ivu3Y6W7SS4FeSne
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2