3dbc7dc6b767c8ff13944cb3a642355999f5fe4b6db8ab339dad0273559834f3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fca0d0c4e4230b1b5b00f49926367de.zip
Size

11KB
Sample

240901-gk1njstamk
MD5

c4d68aa650faa8fce3d10847a3ef56db
SHA1

2ba3f7438b5c33b75cfda9ac1dfffe559d753190
SHA256

3dbc7dc6b767c8ff13944cb3a642355999f5fe4b6db8ab339dad0273559834f3
SHA512

305899fecdf7d399f94de6abc4d34b162917f4a3d21c3bad27104b22744d2755fe4cb63d9f7007e8901c4a779ff5171a9dcf9b68c811370ed0c2afe694aa8c04
SSDEEP

192:mlJcJU+uvT1hPR8Z/KJYbh3E7VzrtZ3qDX1tHPt8ytfigY8kDffNDFEnq4EF1:Ycm+m1hCNbhUBzrt1Y1tHPKQCfVFEnqJ

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0ecbb21e9c4fae1a66f217f3441975088e13f6418e7f15b9351fa2c705345bbe
- Size
  
  20KB
- MD5
  
  6fca0d0c4e4230b1b5b00f49926367de
- SHA1
  
  4dfcf3082e6264c60ade4e523acd9a869c2c6977
- SHA256
  
  0ecbb21e9c4fae1a66f217f3441975088e13f6418e7f15b9351fa2c705345bbe
- SHA512
  
  45023de87ab048b3f5aa46f86499cdb1808ae609df786b0bbf9ed7c475736b2f74ee1864489ab3ad6a3130fa23a68b4d4fa805bd3229b0798895e1d0b15355fc
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx+L4np:hDXWipuE+K3/SSHgxmHZnp
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2