d6c041beb73ddde50848feec4814bb861f20c71960441f378abd8bcc2c0114df | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6c041beb73ddde50848feec4814bb861f20c71960441f378abd8bcc2c0114df
Size

1.1MB
Sample

240727-ex1szazekg
MD5

074ee5c741762060d9ec905ce1f96634
SHA1

1adfa104174a82dd1a81fb374624d9dcf0cc563a
SHA256

d6c041beb73ddde50848feec4814bb861f20c71960441f378abd8bcc2c0114df
SHA512

7131cce2647d87f05f5a32558937c4bf314ede2a586366c2a39ed3a3b7bf7294b6a718a034cbc6ccb39866d693a4107e6a01da03897cd348a770d6f59b539e1d
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5QR:acallSllG4ZM7QzMS

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d6c041beb73ddde50848feec4814bb861f20c71960441f378abd8bcc2c0114df
- Size
  
  1.1MB
- MD5
  
  074ee5c741762060d9ec905ce1f96634
- SHA1
  
  1adfa104174a82dd1a81fb374624d9dcf0cc563a
- SHA256
  
  d6c041beb73ddde50848feec4814bb861f20c71960441f378abd8bcc2c0114df
- SHA512
  
  7131cce2647d87f05f5a32558937c4bf314ede2a586366c2a39ed3a3b7bf7294b6a718a034cbc6ccb39866d693a4107e6a01da03897cd348a770d6f59b539e1d
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5QR:acallSllG4ZM7QzMS
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2