6992c718e087fc2f96ee8596016a2f9219f4c702244ef0eb74aa1ec7a495e4c2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a77d679f31fd8bf0de8fe0955cc357b.zip
Size

11KB
Sample

240901-fh2bmasamm
MD5

e59a20827042cd76eb27e23e7507468e
SHA1

20ac8c71877abb864ec30900e20b180dc34c8554
SHA256

6992c718e087fc2f96ee8596016a2f9219f4c702244ef0eb74aa1ec7a495e4c2
SHA512

c586a6ab52aae7afc0c1791bb169079d01cd2ac997d513ac6794d70219a5669aacb2112df59dbf6514d95a28219a3befcff7b1762e8cdc26a903d336cc4bad53
SSDEEP

192:e7N3tYt/MOSJafuPdf5suWDUHo5CABiuVQOFh/0NfPJpKg+W21CSyyz85:otYuOSJaGPZf2BiuV5/0oWwJu

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  64a1e3f8eb541579e85482ea0a31a6be7e0082cd211dabaf42efd3572ecb4d36
- Size
  
  16KB
- MD5
  
  6a77d679f31fd8bf0de8fe0955cc357b
- SHA1
  
  3c65ded4c8478dda38157eedae2a4b7f04778350
- SHA256
  
  64a1e3f8eb541579e85482ea0a31a6be7e0082cd211dabaf42efd3572ecb4d36
- SHA512
  
  3481831afa797676761a3768b18d13378a0d73d8a3a34f1a7d65f973653edacf5374facdce82665081ded10af5810fb029aa0a879e487665bf6c82af4979dce1
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMxdy:hDXWipuE+K3/SSHgxmHfy
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2