51fff0f004903f62d08a9980dad98ba937ebed7b82c06783c124a58a82370faa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51fff0f004903f62d08a9980dad98ba937ebed7b82c06783c124a58a82370faa
Size

1.1MB
Sample

240809-he5wraxemk
MD5

e290bd8806761a77b1d6463c37e5eb34
SHA1

673bfa67e8a97c03b7a20c0f42123e65068ed0f5
SHA256

51fff0f004903f62d08a9980dad98ba937ebed7b82c06783c124a58a82370faa
SHA512

43caaf15108c38e745e06ae351685e2b036b4da3f36d98581625ed288f40a59cb2237ea804362b0c842ff7ea4009a3650578ab96f3d3c864457a9fa4ddc4fc8f
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5QZ:acallSllG4ZM7QzM6

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  51fff0f004903f62d08a9980dad98ba937ebed7b82c06783c124a58a82370faa
- Size
  
  1.1MB
- MD5
  
  e290bd8806761a77b1d6463c37e5eb34
- SHA1
  
  673bfa67e8a97c03b7a20c0f42123e65068ed0f5
- SHA256
  
  51fff0f004903f62d08a9980dad98ba937ebed7b82c06783c124a58a82370faa
- SHA512
  
  43caaf15108c38e745e06ae351685e2b036b4da3f36d98581625ed288f40a59cb2237ea804362b0c842ff7ea4009a3650578ab96f3d3c864457a9fa4ddc4fc8f
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5QZ:acallSllG4ZM7QzM6
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2