7d8072667853f5addad0d058b86f12f63ca5580391f81a5823d0175984eae828 | Triage

Sharing

General

Target

Testing.zip
Size

276KB
Sample

240721-v18wrawfrg
MD5

8e702485ec9762205640a2858bdb5f3f
SHA1

87e8f76b1145174323d7800f53a33b971299b6c2
SHA256

7d8072667853f5addad0d058b86f12f63ca5580391f81a5823d0175984eae828
SHA512

6753f81592a3864547a10603946dcfeb7bd4fa24e5d652d2ff57d752202fb21a73c1a9256b2d86ce97fbdc1e499c6d935fd1f80ea6d879df9c71b41693d71a08
SSDEEP

6144:+pSXM1qTo6a11pl8vtSE216fmOpha5KQywkq3k:0S8IHa7pWbpQkXq0

Score

7^/10

Malware Config

Targets

- Target
  
  Testing/Loader.exe
- Size
  
  58KB
- MD5
  
  f7701081f4a2f364472d6d0470b76083
- SHA1
  
  48dcc133037f53f456dbb50b8f91a56830b45ed7
- SHA256
  
  613c814ec35416e506000da058b210db3a71bc1ae0866489ceb6929ecff2269f
- SHA512
  
  d292398763cda05010c0ca15d977f74a7fb4087bc02f6ea61363b19682038bdc0f1643a3b14a10ede0b484a575f85b061d058c180a6bd5a3f50a32cd7106dd24
- SSDEEP
  
  768:BtO+rQ+rqURzjfDJLGvjbbXRx5hBjWEVJbzcWeMl7Z+SbjDOHzTQMJ7Wx3ng3OcS:DQ+RJqvnPBFVJbzeWDfDUQMJ7uBc
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  Testing/helper.dll
- Size
  
  413KB
- MD5
  
  ebbfa91c0d9eee4b650619da02305bab
- SHA1
  
  1010a1aceef79c66e1221d14cda755091c329799
- SHA256
  
  ea83dd198afab277148813470d26b49fdff4a531ceff9c7160bcff790bb36f41
- SHA512
  
  35a7af9b963c5924dd942370ec6428ea74a821055071028d98addc58b318eab055a4a9644bc9af1c447c5aa9bdc23808cba6584dc804b534eaa36cc571d90af3
- SSDEEP
  
  12288:cNC5RFRbB8VzPYzJeqa3XUdOHyTFXlqMsoZzPaSiw:2URp8RP6
Score

1^/10
behavioral3 behavioral4
- Target
  
  Testing/libhelp.dll
- Size
  
  307KB
- MD5
  
  56b4c7af882408518952151f87c37221
- SHA1
  
  43a36903dd87e56f068c40c6f48af23dba0f5d13
- SHA256
  
  23719300fa4ae3116e97c313b838945bb2c1e02094daee8165939059aaad82c5
- SHA512
  
  a8b6f64763605be146bd19ff8cf252209f65a875102f255c64b2d575239ebab5249c1f73129b1b8bedc48aa27488a0d9f828cc0db5bf692491bbf6460c39e31e
- SSDEEP
  
  6144:BPmr6FULtvQWYszmepAeOcMSHfqgZp+5J4w1:B86FOtCszmepEcM0fjZA71
Score

1^/10
behavioral5 behavioral6
- Target
  
  Testing/routine.dll
- Size
  
  38KB
- MD5
  
  7de58b2bbbba101c1116b875cc8a98cf
- SHA1
  
  e91348d6c4e1e5d528c06aa26c138e7261add027
- SHA256
  
  860f7441d71cbda603fc4e4096ae2fb06446ccc58b4b4f31e231728f412dc4a1
- SHA512
  
  c5797a309f91c01a0cb7cf832f8f669ab0f287aa47f963475807cfe8e22e87fe50b6ea0f76b4776a67dee14455c1227b6a8b68fcf948342ed78a0f4fe9f53b7a
- SSDEEP
  
  384:SBI9gTIPGymLg+WotpWfgYVCgU3a2kMRrL1Wvheasf:6IGTeGyzpChkmrLyhJs
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8