5a2fb74b9d314cd7647289bd9c224f45d228526943eb25abbc5138a9dbc69021 | Triage

Sharing

General

Target

5a2fb74b9d314cd7647289bd9c224f45d228526943eb25abbc5138a9dbc69021
Size

528KB
Sample

240723-1rqlps1apr
MD5

7c5086017d4d315310dc86e206d09702
SHA1

3996f4e7a1d8fb3705870b047096f7b51c96c0f9
SHA256

5a2fb74b9d314cd7647289bd9c224f45d228526943eb25abbc5138a9dbc69021
SHA512

183f02e9449b6257019fa94420ba8dc4319ae77d067348e624069f3314dfef60db2319b51efaba3703e1139cc317c4beeb6208a2d1c4e77ad1ed112cc3bc31d4
SSDEEP

12288:hmLoLgmqLjKDzsMLYvNMy2RFQny1nve0mF:hmLoLgJLjKDzs9NMy2RFQny1nve0M

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  5a2fb74b9d314cd7647289bd9c224f45d228526943eb25abbc5138a9dbc69021
- Size
  
  528KB
- MD5
  
  7c5086017d4d315310dc86e206d09702
- SHA1
  
  3996f4e7a1d8fb3705870b047096f7b51c96c0f9
- SHA256
  
  5a2fb74b9d314cd7647289bd9c224f45d228526943eb25abbc5138a9dbc69021
- SHA512
  
  183f02e9449b6257019fa94420ba8dc4319ae77d067348e624069f3314dfef60db2319b51efaba3703e1139cc317c4beeb6208a2d1c4e77ad1ed112cc3bc31d4
- SSDEEP
  
  12288:hmLoLgmqLjKDzsMLYvNMy2RFQny1nve0mF:hmLoLgJLjKDzs9NMy2RFQny1nve0M
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2