48ca527e1c3535cdf59d3efb4372b2a9ecb72b2ace91afc553f57765032dc322 | Triage

Sharing

General

Target

48ca527e1c3535cdf59d3efb4372b2a9ecb72b2ace91afc553f57765032dc322.exe
Size

423KB
Sample

240704-mwl77aybjd
MD5

824fd3d70a605fe38823542e6bdb1c80
SHA1

e933bc3ce41c8870c9448634c8df5ed17900d05f
SHA256

48ca527e1c3535cdf59d3efb4372b2a9ecb72b2ace91afc553f57765032dc322
SHA512

70a493fafd28ee9765df9801a5913d79875fd9ec8e68716519c36a9779e9aa36f0c885c1eef86a1fa6c1b82658c002516833518960263a0d79d88b55c3aa1121
SSDEEP

6144:2lrEttaPB724vPDvhO39nidOvM+EtR07Fs3qQLyjjz2h7lkeh1+sJK8lEquUcmt:2GDaV2iA39niHtFLA2h/+sDltb

Score

7^/10

Malware Config

Targets

- Target
  
  48ca527e1c3535cdf59d3efb4372b2a9ecb72b2ace91afc553f57765032dc322.exe
- Size
  
  423KB
- MD5
  
  824fd3d70a605fe38823542e6bdb1c80
- SHA1
  
  e933bc3ce41c8870c9448634c8df5ed17900d05f
- SHA256
  
  48ca527e1c3535cdf59d3efb4372b2a9ecb72b2ace91afc553f57765032dc322
- SHA512
  
  70a493fafd28ee9765df9801a5913d79875fd9ec8e68716519c36a9779e9aa36f0c885c1eef86a1fa6c1b82658c002516833518960263a0d79d88b55c3aa1121
- SSDEEP
  
  6144:2lrEttaPB724vPDvhO39nidOvM+EtR07Fs3qQLyjjz2h7lkeh1+sJK8lEquUcmt:2GDaV2iA39niHtFLA2h/+sDltb
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2