ddaa1e45a65ce6f98b12fb5ba4dfc7e8c5c70cdb93147a8f67f2d25973237893 | Triage

Sharing

General

Target

fc40585fcebb402504767dd83b32c756.bin
Size

6KB
Sample

240719-d7rsda1clr
MD5

36a93b8a98f120b994e749497bc00f0d
SHA1

1944adca408746a9ed4c44858661b6736f2cc198
SHA256

ddaa1e45a65ce6f98b12fb5ba4dfc7e8c5c70cdb93147a8f67f2d25973237893
SHA512

e29175fb9a0c8aa8b652222fea3fd54b51b5fcfd7603cb8166a3fa74a3a2fa1d3267ec3a0c7cad5d1b8ccb376ddba69b07f2251daaf561fd40adafbb8e01d1d8
SSDEEP

96:0HEQ2SdmZGb+F2jtHfaP7gGeOBsBcEJ+sIiCsmEobPi+0vYh3UO4i7eysvD:U77mZGbxjP1OILubPwgh3pwL

Score

8^/10

execution

Malware Config

Targets

- Target
  
  75fe2a7d2f3a1d20c507fe0412fef492377ba11201b736c47a3fd535627dd9ac.bat
- Size
  
  15KB
- MD5
  
  fc40585fcebb402504767dd83b32c756
- SHA1
  
  eee097c0fa3dbd407b68a88d401ab40a6e560ab9
- SHA256
  
  75fe2a7d2f3a1d20c507fe0412fef492377ba11201b736c47a3fd535627dd9ac
- SHA512
  
  77b07d9e194d1635368648edb8014e2e032115ec98726f3a8c583bfb2a31d14b7ffe87f9b5cd5c5901b567a46474deb38e6c41f3752c25f1a8f2a93c7fac9a5b
- SSDEEP
  
  192:YgkIdAMQd4ehFGj8Yyxd2UqsLL6geCJU2Rgr+ZTxA8/V5pxvH0rbFN5MS4GO+yMv:oFRFGj8Xrxqyhjv0rbFNB4GOy/+u+c
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2