40e15b4fa176fe80b124a013d2f6f30769266adebccb0c0ff4965d2eba3d25c3 | Triage

Sharing

General

Target

964d0cf040d3627b1fb810ae4c9c4a40N.exe
Size

3.0MB
Sample

240820-g9e35sxelf
MD5

964d0cf040d3627b1fb810ae4c9c4a40
SHA1

f2d1211d17a38550d9278f281f6d39b37ff8a682
SHA256

40e15b4fa176fe80b124a013d2f6f30769266adebccb0c0ff4965d2eba3d25c3
SHA512

d889d8e94a9e3aafbdc6f6cbba54ee64eb744b3d40f4adbc690a6f5abdb750c7840e0e0c73111e000484b5ee8bb917ab7e4cca4b2a46e7804d00725797bdafa7
SSDEEP

49152:qiH2AaajKHX/Ft0vR+Y1pxsVnmMAnBxbu2ONWWIL2wM8+AtZiti8:HHRawKHPFyvR+2VMETbu2vrSwM8zg

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  964d0cf040d3627b1fb810ae4c9c4a40N.exe
- Size
  
  3.0MB
- MD5
  
  964d0cf040d3627b1fb810ae4c9c4a40
- SHA1
  
  f2d1211d17a38550d9278f281f6d39b37ff8a682
- SHA256
  
  40e15b4fa176fe80b124a013d2f6f30769266adebccb0c0ff4965d2eba3d25c3
- SHA512
  
  d889d8e94a9e3aafbdc6f6cbba54ee64eb744b3d40f4adbc690a6f5abdb750c7840e0e0c73111e000484b5ee8bb917ab7e4cca4b2a46e7804d00725797bdafa7
- SSDEEP
  
  49152:qiH2AaajKHX/Ft0vR+Y1pxsVnmMAnBxbu2ONWWIL2wM8+AtZiti8:HHRawKHPFyvR+2VMETbu2vrSwM8zg
Score

8^/10

discovery
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2