9267520d1efe487124075b3e074ae45d0b2c3e9021d7d2ea9acea91dbc242b2f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2fa26120f865878128b70f3f1b6de013.zip
Size

10KB
Sample

240901-wnanvsybnc
MD5

eb424ec3896e2b15a47c9b04184015e7
SHA1

e46cac1f37fa65357029f97d98072800bfe8deb3
SHA256

9267520d1efe487124075b3e074ae45d0b2c3e9021d7d2ea9acea91dbc242b2f
SHA512

3b5e58b0c4690cd6cf7e991fe58910f8903fdf24e13ba41fbe01fd5112a82ca8f2468924c60b440e838145e58cc2ce197365f92caba0d85218e6a8b4b70ba9fa
SSDEEP

192:IOOScv+OqHrEQyacuI1Aa96WcXyWNz4AeYFhw4/fwsn+cgbD9o0ecwJyash:DOXv+/rpy0Ip6TiWN8ATHQse9otRah

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  994508210025407f04c068a84bbb7b253995bee154fc00958fa7ce0bd8fe14dc
- Size
  
  15KB
- MD5
  
  2fa26120f865878128b70f3f1b6de013
- SHA1
  
  2b60ccab8333bdc71ccd9c2d537d189ad29b5cac
- SHA256
  
  994508210025407f04c068a84bbb7b253995bee154fc00958fa7ce0bd8fe14dc
- SHA512
  
  21cb0b6bb3d8e6851481205fd63f153c83317ded26fcff0161295b06fcb40bb3cf29c627ef69ded89447cbd2ed3131dc7edb68fd98927d6e879b6ca2fc858a5f
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yh4cnwJ:hDXWipuE+K3/SSHgx/wJ
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2