5533582ca456606d84c2223faddfeddd0ffbba7c9129fb2f991e3254277d72f9 | Triage

Sharing

General

Target

6e47c42b754745f96cb354bbd567a220N.exe
Size

11KB
Sample

240813-smflyavhpq
MD5

6e47c42b754745f96cb354bbd567a220
SHA1

70c413f47d900ee73eaf43644e3207bcf76628ca
SHA256

5533582ca456606d84c2223faddfeddd0ffbba7c9129fb2f991e3254277d72f9
SHA512

453e2acadb2ba8396706c871fab68a75505c7c1e96f669d13ac5413d8a56f943f223a67992fa27312fab3ceda556cd35c049c21d0571c4bff716656ecad057c8
SSDEEP

192:ktV547xMyh8YfQVltwCBHq3t6XwilGoPFRba:ky7Wyh7Qty3UbO

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  6e47c42b754745f96cb354bbd567a220N.exe
- Size
  
  11KB
- MD5
  
  6e47c42b754745f96cb354bbd567a220
- SHA1
  
  70c413f47d900ee73eaf43644e3207bcf76628ca
- SHA256
  
  5533582ca456606d84c2223faddfeddd0ffbba7c9129fb2f991e3254277d72f9
- SHA512
  
  453e2acadb2ba8396706c871fab68a75505c7c1e96f669d13ac5413d8a56f943f223a67992fa27312fab3ceda556cd35c049c21d0571c4bff716656ecad057c8
- SSDEEP
  
  192:ktV547xMyh8YfQVltwCBHq3t6XwilGoPFRba:ky7Wyh7Qty3UbO
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2