130f885a265c6fb9ddcbd3cacfd8574e3a50e936105625f84cc34ad6c8d32df8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65094db39974423aa4e507d29a39f500N.exe
Size

56KB
Sample

240716-el7gdaxaqc
MD5

65094db39974423aa4e507d29a39f500
SHA1

4267de054b0f86d0c041244cd14e58c5f4320398
SHA256

130f885a265c6fb9ddcbd3cacfd8574e3a50e936105625f84cc34ad6c8d32df8
SHA512

7d62d8d43e82ac6febf17a3501431a9295de4b6b75391020057b79375b7adbcb4d4347877dd5d44a46d3ed4d61550b2b211be41c0c3612f8fa74b8c9375c6aa9
SSDEEP

384:asjPGY2HXgrkEYYhQ98E8I1XAV/QcaYpATUgch1A9NB/erxFpki:aePG5H8XhKD8ISZQjkgs1lxF5

Score

7^/10

Malware Config

Targets

- Target
  
  65094db39974423aa4e507d29a39f500N.exe
- Size
  
  56KB
- MD5
  
  65094db39974423aa4e507d29a39f500
- SHA1
  
  4267de054b0f86d0c041244cd14e58c5f4320398
- SHA256
  
  130f885a265c6fb9ddcbd3cacfd8574e3a50e936105625f84cc34ad6c8d32df8
- SHA512
  
  7d62d8d43e82ac6febf17a3501431a9295de4b6b75391020057b79375b7adbcb4d4347877dd5d44a46d3ed4d61550b2b211be41c0c3612f8fa74b8c9375c6aa9
- SSDEEP
  
  384:asjPGY2HXgrkEYYhQ98E8I1XAV/QcaYpATUgch1A9NB/erxFpki:aePG5H8XhKD8ISZQjkgs1lxF5
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2