b78c8cdb190cde07aa1ada00865db6cea8341e32eda1e0d21ef7bda41ccc4e42 | Triage

Sharing

General

Target

55b99d089bd440a2a1595e504d4216bb.zip
Size

10KB
Sample

240901-xmef4aygqq
MD5

6eadfbd3e4c8df7b11ad0f456f44d4ab
SHA1

2201a2480bd622b646b1e8cf0d53c0d4963740b4
SHA256

b78c8cdb190cde07aa1ada00865db6cea8341e32eda1e0d21ef7bda41ccc4e42
SHA512

a123f7fc2ce5f2c701ac0f648540a7aecbd974f47de7f39fe9d27918de81ccad94e798da6e4e045bf840f42cd29e745d73b2fb1dc53c4e3f05a21bb9f02110f4
SSDEEP

192:Sdo40rJLboUDzn48GMVrmRV30OD2Oj7WcF3KprRVDDK8vW3e5yu0qNLFajbXq:I0RsUXGMs3pay7qrR9W/kxj

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  683d8463572854b6e70a7416832bb07ed303cc06b445bd94b0f149cf6161c0a0
- Size
  
  15KB
- MD5
  
  55b99d089bd440a2a1595e504d4216bb
- SHA1
  
  1c192f2534acc7a25f286cbda164419e5f0a1d83
- SHA256
  
  683d8463572854b6e70a7416832bb07ed303cc06b445bd94b0f149cf6161c0a0
- SHA512
  
  8444fd47df99212ef0a5e9ed405f65b41bf4cf7beb97a01b19861f9b55e8dbe21223365017ec61405941c71c502168758409b6e2d4a489ecfbbb2bc8ce33e25c
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yh4cn/F:hDXWipuE+K3/SSHgx//F
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2