f5b3c3906f814deff096d93b4fc80eae4447c40471495b1ec76a31e0e8edf0bb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5b3c3906f814deff096d93b4fc80eae4447c40471495b1ec76a31e0e8edf0bb
Size

1.1MB
Sample

240820-yc6m9stdmm
MD5

d0172a3ea640266cadc0c4f59fde016b
SHA1

537ae766a2829d10548b15ffe7a2246df2f5db96
SHA256

f5b3c3906f814deff096d93b4fc80eae4447c40471495b1ec76a31e0e8edf0bb
SHA512

4262aec005b59b1ae422f6d3a4e543aa72c4f3fa7b01590ec029bf16650e1d473c606e74dfcb87c28af6a23b5d3a2d01b74e940102a2d4755662520dcd0409c8
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Qg:acallSllG4ZM7QzMn

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  f5b3c3906f814deff096d93b4fc80eae4447c40471495b1ec76a31e0e8edf0bb
- Size
  
  1.1MB
- MD5
  
  d0172a3ea640266cadc0c4f59fde016b
- SHA1
  
  537ae766a2829d10548b15ffe7a2246df2f5db96
- SHA256
  
  f5b3c3906f814deff096d93b4fc80eae4447c40471495b1ec76a31e0e8edf0bb
- SHA512
  
  4262aec005b59b1ae422f6d3a4e543aa72c4f3fa7b01590ec029bf16650e1d473c606e74dfcb87c28af6a23b5d3a2d01b74e940102a2d4755662520dcd0409c8
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Qg:acallSllG4ZM7QzMn
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2