8449134e2c27181a648d0de1825c8a3dcc92d2c2be6289c8f02d87ebcb892474 | Triage

Sharing

General

Target

2pacalypse.2.4.1.zip
Size

4.5MB
Sample

240811-wk12mszhrq
MD5

f181b10845631b73db1a4aea35c78dc5
SHA1

bb22e9a6bef02fbc63237c8dbe5121981c7531bb
SHA256

8449134e2c27181a648d0de1825c8a3dcc92d2c2be6289c8f02d87ebcb892474
SHA512

dad9a900694f750adb3c61d1e3432fe208d6e9feb892b0464b43e09b5e1eaeb2ed37bed47a2fbe53b75143f0fbcaccdb542045bb605371273c041f17be4a76a9
SSDEEP

98304:tXInN8vnb+YgsZE145tBIeY8pf59kSaKNJdGGT/8lkVHVA:t4n+vygE1mBIe959kSx6GTklSHW

Score

8^/10

Malware Config

Targets

- Target
  
  2pacalypse.dll
- Size
  
  5.4MB
- MD5
  
  1f9946d6277725e373d979288583c6d5
- SHA1
  
  0c0e4bdcc106db4e4a568dda9d29188d955c6431
- SHA256
  
  394959e5988b228cf80266199200e2b164119466891edbf9949fd4738400eafc
- SHA512
  
  e3def8ee65bb1d3a530f421967f5e942c5f2c97e309203c049b7931e7afcb2d62a4fd29877d4d3b7bab2341e6f1dae7cd885a9823a9caf591134147195cec61e
- SSDEEP
  
  98304:DLWSnQr5nJQnoi8m2Fn3t+C3jDVsIb9kZXhnTu3vLSN/8jkB0MnWgXb5QdOjc3zc:GD6nwt+CT5DbgXhTymF8jkGMnWy5ljcY
Score

1^/10
behavioral1
- Target
  
  2pacalypse.exe
- Size
  
  144KB
- MD5
  
  50953ad96a9adf609adb1f1123df4258
- SHA1
  
  db8897a56f9a83c0e4c4f0121bc519edd6b52a8b
- SHA256
  
  88058f293fae03971d96cb3433b7a6a9adbbd8034775fe8b57226505ad03138c
- SHA512
  
  8cbd1e48105d74ba33c8f3ef2acd035fed8254c3dae1cfcbb79bd209ae3a702add49f86751f8be9fcc0999278a014c47e367f49a6fb3b11bee3b1109bfe81163
- SSDEEP
  
  3072:U8vbzyQ6Y1YXrbNK+3FNxacPEMk6bRQAgTWA:UszAXNK+3FVfRQzTW
Score

8^/10
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2