b90f3ab3e8eb959f8b878dcc595790133afd8f301a2732667f71316f274e26d9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b90f3ab3e8eb959f8b878dcc595790133afd8f301a2732667f71316f274e26d9
Size

1.1MB
Sample

240704-28xl1svepn
MD5

0d9aa6457e2cb5e7aa30cdbe628d634e
SHA1

4ad0470107c4e4ca8919b307dcbd76efa9391a06
SHA256

b90f3ab3e8eb959f8b878dcc595790133afd8f301a2732667f71316f274e26d9
SHA512

a04dccddd49a9eb9c82b6ff6dc45f105c1aa8014cc13fa165d8fba99765608644df827049e2fe2cc02a76630a0db15d8178caa3ab4b66dbbc02a361caa0cc2f3
SSDEEP

24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5QX:CcaClSFlG4ZM7QzMw

Score

7^/10

Malware Config

Targets

- Target
  
  b90f3ab3e8eb959f8b878dcc595790133afd8f301a2732667f71316f274e26d9
- Size
  
  1.1MB
- MD5
  
  0d9aa6457e2cb5e7aa30cdbe628d634e
- SHA1
  
  4ad0470107c4e4ca8919b307dcbd76efa9391a06
- SHA256
  
  b90f3ab3e8eb959f8b878dcc595790133afd8f301a2732667f71316f274e26d9
- SHA512
  
  a04dccddd49a9eb9c82b6ff6dc45f105c1aa8014cc13fa165d8fba99765608644df827049e2fe2cc02a76630a0db15d8178caa3ab4b66dbbc02a361caa0cc2f3
- SSDEEP
  
  24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5QX:CcaClSFlG4ZM7QzMw
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2