af661552f20a78826aa3d890f86531224e2ff806f799e5093365923c007868dc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad967638438fd9876baf5a21e7f76320N.exe
Size

34KB
Sample

240824-rndy3awbrm
MD5

ad967638438fd9876baf5a21e7f76320
SHA1

f25e23a459b2068ed9ea32a8161107a97d1a49d5
SHA256

af661552f20a78826aa3d890f86531224e2ff806f799e5093365923c007868dc
SHA512

3df62066852fbfdc59f566e7ab3898824cb82a0acd8b05dce3aee27191f8741ee28b4bb19238f9da2c26fe4f938146eb4c9402859b6dcda6f667dde3f451e730
SSDEEP

384:mBLeJQWRR78w4lvO/upzQaHmrHtD8PfAw+:mNeJhRSXvO2ps6mrHK3Aw+

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ad967638438fd9876baf5a21e7f76320N.exe
- Size
  
  34KB
- MD5
  
  ad967638438fd9876baf5a21e7f76320
- SHA1
  
  f25e23a459b2068ed9ea32a8161107a97d1a49d5
- SHA256
  
  af661552f20a78826aa3d890f86531224e2ff806f799e5093365923c007868dc
- SHA512
  
  3df62066852fbfdc59f566e7ab3898824cb82a0acd8b05dce3aee27191f8741ee28b4bb19238f9da2c26fe4f938146eb4c9402859b6dcda6f667dde3f451e730
- SSDEEP
  
  384:mBLeJQWRR78w4lvO/upzQaHmrHtD8PfAw+:mNeJhRSXvO2ps6mrHK3Aw+
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2