eaa3dd23cc0aaa9920d42ab19fd77bc8a196ca769522e14410f7314dfcb8948e | Triage

Sharing

General

Target

BasiliskV3_0099_FirmwareUpdater_v1.02.00_r1.exe
Size

21.6MB
Sample

240723-xm4e8awbqf
MD5

a7cd1c302ac2307e938cfdd72a5fa46e
SHA1

20ed0d49e19f881ca96ef313e4e86aa97ec3eac4
SHA256

eaa3dd23cc0aaa9920d42ab19fd77bc8a196ca769522e14410f7314dfcb8948e
SHA512

bce1aeaa0839ff2de7d5bece3181359d5089d1dc34fbe00221458f9a7dcabea2124c7000497d8fdda2b5d26ca99644e1c4ce1de310ddeca0721349cd6cff13cb
SSDEEP

393216:XZYRO8cf3CntDJWVb6K/S/wfUPKqbUkx3eEQG+13q0WYxEjZrJixUoXuSZ:XZYR2KtDVmS4fUXleH13LKjGx4e

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  BasiliskV3_0099_FirmwareUpdater_v1.02.00_r1.exe
- Size
  
  21.6MB
- MD5
  
  a7cd1c302ac2307e938cfdd72a5fa46e
- SHA1
  
  20ed0d49e19f881ca96ef313e4e86aa97ec3eac4
- SHA256
  
  eaa3dd23cc0aaa9920d42ab19fd77bc8a196ca769522e14410f7314dfcb8948e
- SHA512
  
  bce1aeaa0839ff2de7d5bece3181359d5089d1dc34fbe00221458f9a7dcabea2124c7000497d8fdda2b5d26ca99644e1c4ce1de310ddeca0721349cd6cff13cb
- SSDEEP
  
  393216:XZYRO8cf3CntDJWVb6K/S/wfUPKqbUkx3eEQG+13q0WYxEjZrJixUoXuSZ:XZYR2KtDVmS4fUXleH13LKjGx4e
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4