4dc4094f8a14c9b30cb787a3bbf758537d29f3edd41bb75a9f6fcb1a73887224 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29dea47d9b0bfd005320b6e07a9a0880N.exe
Size

540KB
Sample

240709-epq9kaxfrb
MD5

29dea47d9b0bfd005320b6e07a9a0880
SHA1

df3a6cc72b0b3ea6b5e1816bb7d197e62eab92e8
SHA256

4dc4094f8a14c9b30cb787a3bbf758537d29f3edd41bb75a9f6fcb1a73887224
SHA512

d16779afcacdf8e9f08a4d2cceb9541c47570d7f02f0029afb34326de2ab662bdb23fbeba3c5e190a8c03d5e78d1ea5d4714aff0c514946f3e9204b174600487
SSDEEP

3072:qCaoAs101Pol0xPTM7mRCAdJSSxPUkl3V4Vh1q+MQTCk/dN92sdNhavtrVdewnAK:qqDAwl0xPTMiR9JSSxPUKuqododHYS

Score

7^/10

Malware Config

Targets

- Target
  
  29dea47d9b0bfd005320b6e07a9a0880N.exe
- Size
  
  540KB
- MD5
  
  29dea47d9b0bfd005320b6e07a9a0880
- SHA1
  
  df3a6cc72b0b3ea6b5e1816bb7d197e62eab92e8
- SHA256
  
  4dc4094f8a14c9b30cb787a3bbf758537d29f3edd41bb75a9f6fcb1a73887224
- SHA512
  
  d16779afcacdf8e9f08a4d2cceb9541c47570d7f02f0029afb34326de2ab662bdb23fbeba3c5e190a8c03d5e78d1ea5d4714aff0c514946f3e9204b174600487
- SSDEEP
  
  3072:qCaoAs101Pol0xPTM7mRCAdJSSxPUkl3V4Vh1q+MQTCk/dN92sdNhavtrVdewnAK:qqDAwl0xPTMiR9JSSxPUKuqododHYS
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2