1a9dc27026be0dcd358061b9e16c93b8a110ced3bacf9df114c98d7d9660163e | Triage

Sharing

General

Target

1a9dc27026be0dcd358061b9e16c93b8a110ced3bacf9df114c98d7d9660163e
Size

200KB
Sample

240722-xt41bstdjp
MD5

bb17035f3534ca6fc6260f18c5fe3e0f
SHA1

39a55cdd5d286f04c8acbc95091f9b66f1659195
SHA256

1a9dc27026be0dcd358061b9e16c93b8a110ced3bacf9df114c98d7d9660163e
SHA512

347ee1eb6588be24daa15f3854c5f9e32303c2074559623c61bf4c9fe0869c0028ec051a590e5c72e8d70f6dda3bb6b73dbcbb896283929e1b310a163d4d6154
SSDEEP

3072:oBbfSlrhqC3y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmSNS4Sd:EMrhqC3yGFInRO

Score

7^/10

Malware Config

Targets

- Target
  
  1a9dc27026be0dcd358061b9e16c93b8a110ced3bacf9df114c98d7d9660163e
- Size
  
  200KB
- MD5
  
  bb17035f3534ca6fc6260f18c5fe3e0f
- SHA1
  
  39a55cdd5d286f04c8acbc95091f9b66f1659195
- SHA256
  
  1a9dc27026be0dcd358061b9e16c93b8a110ced3bacf9df114c98d7d9660163e
- SHA512
  
  347ee1eb6588be24daa15f3854c5f9e32303c2074559623c61bf4c9fe0869c0028ec051a590e5c72e8d70f6dda3bb6b73dbcbb896283929e1b310a163d4d6154
- SSDEEP
  
  3072:oBbfSlrhqC3y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmSNS4Sd:EMrhqC3yGFInRO
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2