16673efd54028fccf5ad195b266fe2fe125858e0df778c684de3b72925d58f1b | Triage

Sharing

General

Target

16673efd54028fccf5ad195b266fe2fe125858e0df778c684de3b72925d58f1b.exe
Size

5KB
Sample

240704-2qd2ysteml
MD5

7d97995b87f185ef3e4f1b2cb5e7bbb0
SHA1

7158cd53d0540da768774e6399a16429f8bad798
SHA256

16673efd54028fccf5ad195b266fe2fe125858e0df778c684de3b72925d58f1b
SHA512

cff74a75c8af7db4c49a1b961a6f42482c3ff015a102d4603364a3618d3eda3f827c4b887e8f7d3ccb573c8563186c621618a7d58d3b576642e47e451b3c0079
SSDEEP

48:IYLkM5UIZe84MuZbPpHHBQr8bQXJ1rsHB/VnC/RAxUDCSCqXKnuaa7vElBnbxeBj:IfM5UIX4Txw8WuHnnwR2UDCtdjbMyYNX

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  16673efd54028fccf5ad195b266fe2fe125858e0df778c684de3b72925d58f1b.exe
- Size
  
  5KB
- MD5
  
  7d97995b87f185ef3e4f1b2cb5e7bbb0
- SHA1
  
  7158cd53d0540da768774e6399a16429f8bad798
- SHA256
  
  16673efd54028fccf5ad195b266fe2fe125858e0df778c684de3b72925d58f1b
- SHA512
  
  cff74a75c8af7db4c49a1b961a6f42482c3ff015a102d4603364a3618d3eda3f827c4b887e8f7d3ccb573c8563186c621618a7d58d3b576642e47e451b3c0079
- SSDEEP
  
  48:IYLkM5UIZe84MuZbPpHHBQr8bQXJ1rsHB/VnC/RAxUDCSCqXKnuaa7vElBnbxeBj:IfM5UIX4Txw8WuHnnwR2UDCtdjbMyYNX
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2