c91d512a7d7b08354012e6ba15e6d5f08c613cbcec6b48cddbca89f6650486a2 | Triage

Sharing

General

Target

c91d512a7d7b08354012e6ba15e6d5f08c613cbcec6b48cddbca89f6650486a2
Size

1.1MB
Sample

240709-gtd6xazalr
MD5

9812e95215aed15de740ace8eede2357
SHA1

3aaa0bbbb9d512f6e63e4e5b2231bcd40582f910
SHA256

c91d512a7d7b08354012e6ba15e6d5f08c613cbcec6b48cddbca89f6650486a2
SHA512

d92e2961132d2b1e112ec5d0b5949f772eea736fe8f3753686e464f2f5aec56555c51d1667ee4b780c90ef348d5b898962b013b1cc95718e718142c88a657d22
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Qp:acallSllG4ZM7QzMq

Score

7^/10

Malware Config

Targets

- Target
  
  c91d512a7d7b08354012e6ba15e6d5f08c613cbcec6b48cddbca89f6650486a2
- Size
  
  1.1MB
- MD5
  
  9812e95215aed15de740ace8eede2357
- SHA1
  
  3aaa0bbbb9d512f6e63e4e5b2231bcd40582f910
- SHA256
  
  c91d512a7d7b08354012e6ba15e6d5f08c613cbcec6b48cddbca89f6650486a2
- SHA512
  
  d92e2961132d2b1e112ec5d0b5949f772eea736fe8f3753686e464f2f5aec56555c51d1667ee4b780c90ef348d5b898962b013b1cc95718e718142c88a657d22
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Qp:acallSllG4ZM7QzMq
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2