0a706a84e5e23d88ce20bcdccb89428123974d249b554814408f4e17be680f1f | Triage

Sharing

General

Target

0a706a84e5e23d88ce20bcdccb89428123974d249b554814408f4e17be680f1f.exe
Size

255KB
Sample

240703-z1aq6sxcjj
MD5

4eabf20dfa743c705dd073bf1202abd0
SHA1

387cd4b46dd10bbc8b73fd1d7c456b751e786966
SHA256

0a706a84e5e23d88ce20bcdccb89428123974d249b554814408f4e17be680f1f
SHA512

88e193fee676fb0b6bf81e55abe64fee74ffeafe778731c8ca8516c1aefdf6300f574a286f87e966840a62d60ac504d0812f907e5345fb47dfc5e01b0102120d
SSDEEP

6144:9saocyLCn4X2jo9jPmrcNlz694qFkRxNU53aU:9tobM4Xn9Ppx6SgKU

Score

7^/10

Malware Config

Targets

- Target
  
  0a706a84e5e23d88ce20bcdccb89428123974d249b554814408f4e17be680f1f.exe
- Size
  
  255KB
- MD5
  
  4eabf20dfa743c705dd073bf1202abd0
- SHA1
  
  387cd4b46dd10bbc8b73fd1d7c456b751e786966
- SHA256
  
  0a706a84e5e23d88ce20bcdccb89428123974d249b554814408f4e17be680f1f
- SHA512
  
  88e193fee676fb0b6bf81e55abe64fee74ffeafe778731c8ca8516c1aefdf6300f574a286f87e966840a62d60ac504d0812f907e5345fb47dfc5e01b0102120d
- SSDEEP
  
  6144:9saocyLCn4X2jo9jPmrcNlz694qFkRxNU53aU:9tobM4Xn9Ppx6SgKU
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/installer.exe
- Size
  
  198KB
- MD5
  
  7950260db65cd017c5cf1b925d2fcd83
- SHA1
  
  6695ec132f781e2cabf880fe25068cbe0a75a761
- SHA256
  
  2b18da136c09287e5a8e29821b1301e11bfd0a8c7d5633b63a115681adbc9edc
- SHA512
  
  ed98e20dc18c4fcb249d8a057cf0856d3cd48012218e95053672e8113c310e8f524b33139a6064e5593551e69b5db04a958bbda1a9aeca4b850b34a31e9f5356
- SSDEEP
  
  3072:dVWmJrXiQbfVka6dvzuxB5fNibXda0gXvF1UoG6MtEGqPuxKIC+xsFoxU1CFWe16:d/S4kamSfzh91c4vPuxKIBxsaM87pi
Score

6^/10
- Drops desktop.ini file(s)
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  8KB
- MD5
  
  249ae678f0dac4c625c6de6aca53823a
- SHA1
  
  6ac2b9e90e8445fed4c45c5dbf2d0227cd3b5201
- SHA256
  
  7298024a36310b7c4c112be87b61b62a0b1be493e2d5252a19e5e976daf674ce
- SHA512
  
  66e4081a40f3191bf28b810cf8411cb3c8c3e3ec5943e18d6672414fb5e7b4364f862cba44c9115c599ac90890ef02a773e254e7c979e930946bc52b0693aad7
- SSDEEP
  
  192:r/QeHNWSvUTfWdXw08LYKFaynLb3MRlbOVlR:7jBvwudT8LJxnnMRlyVlR
Score

3^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6