9ba9a39ad8ed330988e8a2efa6d3c1bab21bccbf55ddc03bb1805608afb95d30 | Triage

Sharing

General

Target

ed0a7b6ad920278967cd2391e2b25240N.exe
Size

165KB
Sample

240720-vfga1awapm
MD5

ed0a7b6ad920278967cd2391e2b25240
SHA1

394e87f156142881c1f2f6dbaa1dd1b735e54c84
SHA256

9ba9a39ad8ed330988e8a2efa6d3c1bab21bccbf55ddc03bb1805608afb95d30
SHA512

b23116186e89dd644d67821fcb3c8876bd71b70bb1469130f429240307814340465571264c6c1a96679eb784a4cdc6ee6d417e470b3207a84f36484947d78748
SSDEEP

3072:e4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:tiI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

Malware Config

Targets

- Target
  
  ed0a7b6ad920278967cd2391e2b25240N.exe
- Size
  
  165KB
- MD5
  
  ed0a7b6ad920278967cd2391e2b25240
- SHA1
  
  394e87f156142881c1f2f6dbaa1dd1b735e54c84
- SHA256
  
  9ba9a39ad8ed330988e8a2efa6d3c1bab21bccbf55ddc03bb1805608afb95d30
- SHA512
  
  b23116186e89dd644d67821fcb3c8876bd71b70bb1469130f429240307814340465571264c6c1a96679eb784a4cdc6ee6d417e470b3207a84f36484947d78748
- SSDEEP
  
  3072:e4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:tiI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2