f2a6cbf1946365978eed4bbb5d34970a6933e04034fcbf32f5bd76ff39231622 | Triage

Sharing

General

Target

f2a6cbf1946365978eed4bbb5d34970a6933e04034fcbf32f5bd76ff39231622
Size

29KB
Sample

240709-h8vymsvepc
MD5

87eac925801bd9819d91eb39133fe001
SHA1

748f0b0626667268eb7a0f4bc38ec7a61b2e0ec6
SHA256

f2a6cbf1946365978eed4bbb5d34970a6933e04034fcbf32f5bd76ff39231622
SHA512

f1d809a24102082d63bc8e61ea533af6310a5ed11be68e2e61a7f4e7a16add47f614180c14c9487b3ae3d417f83d18e003142a330df307169c222d44db188f30
SSDEEP

384:dUJ8s1g8ssAi6D9VIt13vfdHldhwLGEGi+OGa0Mr8SmM:SasbLAiict13vfdHldhwyEr+OGa0MrV

Score

7^/10

Malware Config

Targets

- Target
  
  f2a6cbf1946365978eed4bbb5d34970a6933e04034fcbf32f5bd76ff39231622
- Size
  
  29KB
- MD5
  
  87eac925801bd9819d91eb39133fe001
- SHA1
  
  748f0b0626667268eb7a0f4bc38ec7a61b2e0ec6
- SHA256
  
  f2a6cbf1946365978eed4bbb5d34970a6933e04034fcbf32f5bd76ff39231622
- SHA512
  
  f1d809a24102082d63bc8e61ea533af6310a5ed11be68e2e61a7f4e7a16add47f614180c14c9487b3ae3d417f83d18e003142a330df307169c222d44db188f30
- SSDEEP
  
  384:dUJ8s1g8ssAi6D9VIt13vfdHldhwLGEGi+OGa0Mr8SmM:SasbLAiict13vfdHldhwyEr+OGa0MrV
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2