409233ccb2d21d63cae386eceeb0df82c653f313ffc2cfe3dc0edc39b2b071e4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

DLL.dll
Size

645KB
Sample

240703-qcqm2sxckc
MD5

70f36f9bc53728b920836f968b1649fc
SHA1

0b8deeedd36af427ba137a666e333ccc6af1ab24
SHA256

409233ccb2d21d63cae386eceeb0df82c653f313ffc2cfe3dc0edc39b2b071e4
SHA512

d0f785b9ef64d94cff1f8d4a54fd097f7e152397d98ffe9a3762bc4db17b7b6682d726fd5f20811d4befe8da37b36bd6ecbc91574b54a6f74f54e25e7d1016ae
SSDEEP

12288:0GTs7SWetIXGXiAvB+7DD9My+gYzcHwp0Mdz2FhO0ktFqoA:LTsjoIXSiAo5Mb1cHwp0Mdz2FhOrtko

Score

8^/10

Malware Config

Targets

- Target
  
  DLL.dll
- Size
  
  645KB
- MD5
  
  70f36f9bc53728b920836f968b1649fc
- SHA1
  
  0b8deeedd36af427ba137a666e333ccc6af1ab24
- SHA256
  
  409233ccb2d21d63cae386eceeb0df82c653f313ffc2cfe3dc0edc39b2b071e4
- SHA512
  
  d0f785b9ef64d94cff1f8d4a54fd097f7e152397d98ffe9a3762bc4db17b7b6682d726fd5f20811d4befe8da37b36bd6ecbc91574b54a6f74f54e25e7d1016ae
- SSDEEP
  
  12288:0GTs7SWetIXGXiAvB+7DD9My+gYzcHwp0Mdz2FhO0ktFqoA:LTsjoIXSiAo5Mb1cHwp0Mdz2FhOrtko
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2