acebc0766af1442f05e9319b6130098e438456bfa825e24e66f145ae357a2452 | Triage

Sharing

General

Target

1b61a30c3b887e92770d2a41ab3f7af0N.exe
Size

112KB
Sample

240714-zn6cbatelk
MD5

1b61a30c3b887e92770d2a41ab3f7af0
SHA1

1c68fe82754bfa707a6c118660e89140369d20fa
SHA256

acebc0766af1442f05e9319b6130098e438456bfa825e24e66f145ae357a2452
SHA512

470f9a6c782c38aba6d3401109e9040172f8c745f757691636539b8dfd3a1343dc15b0117ff7337a524effe8b2713893c1abcf1c16a4c0a7109263cf3f67050e
SSDEEP

3072:Wrv/pZIgQWGEkT9oe2lxBYNtdEI2MyzNORQtOflIwoHNM2XBFV7WB7lx7+srJ:Wrv/pZIgQWGEkT9oe2lxBUtdEI2MyzNE

Score

7^/10

Malware Config

Targets

- Target
  
  1b61a30c3b887e92770d2a41ab3f7af0N.exe
- Size
  
  112KB
- MD5
  
  1b61a30c3b887e92770d2a41ab3f7af0
- SHA1
  
  1c68fe82754bfa707a6c118660e89140369d20fa
- SHA256
  
  acebc0766af1442f05e9319b6130098e438456bfa825e24e66f145ae357a2452
- SHA512
  
  470f9a6c782c38aba6d3401109e9040172f8c745f757691636539b8dfd3a1343dc15b0117ff7337a524effe8b2713893c1abcf1c16a4c0a7109263cf3f67050e
- SSDEEP
  
  3072:Wrv/pZIgQWGEkT9oe2lxBYNtdEI2MyzNORQtOflIwoHNM2XBFV7WB7lx7+srJ:Wrv/pZIgQWGEkT9oe2lxBUtdEI2MyzNE
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2