71e91c1da7b4ad7dd364643779eddadfaab669c2a0e29496f7c1227bf1445e43 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71e91c1da7b4ad7dd364643779eddadfaab669c2a0e29496f7c1227bf1445e43.exe
Size

3.5MB
Sample

240825-bmgesszglh
MD5

cae87da798fb940a7b399427462cc432
SHA1

220fa3cc461d98cba683edcd04ec79ed70ba4cdd
SHA256

71e91c1da7b4ad7dd364643779eddadfaab669c2a0e29496f7c1227bf1445e43
SHA512

541a66ae614cf3cad151c0d9250e6cc8f8c9ee1babaefd577cb9ac7f396eafec78f5c513f8f8d52769dcda065bea8a93decd4e3e3d565b21a14bd68f577b9197
SSDEEP

98304:wGvk8hN+UMDmoOiwuoTdRAsOvCP8aZ6W6VB:wLONsaiwN3AslVS

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  71e91c1da7b4ad7dd364643779eddadfaab669c2a0e29496f7c1227bf1445e43.exe
- Size
  
  3.5MB
- MD5
  
  cae87da798fb940a7b399427462cc432
- SHA1
  
  220fa3cc461d98cba683edcd04ec79ed70ba4cdd
- SHA256
  
  71e91c1da7b4ad7dd364643779eddadfaab669c2a0e29496f7c1227bf1445e43
- SHA512
  
  541a66ae614cf3cad151c0d9250e6cc8f8c9ee1babaefd577cb9ac7f396eafec78f5c513f8f8d52769dcda065bea8a93decd4e3e3d565b21a14bd68f577b9197
- SSDEEP
  
  98304:wGvk8hN+UMDmoOiwuoTdRAsOvCP8aZ6W6VB:wLONsaiwN3AslVS
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2