3057cd95930c678cdfb88565bf7343f3367256e20e7e042e77fc2aa33edb69f1 | Triage

Sharing

General

Target

617e04c28636691fa1a6b6a934d4447c.zip
Size

10KB
Sample

240901-ymp39s1bpa
MD5

c43f94ac4403c992f7368751ecf4b93c
SHA1

54fc0bcb2bb0acb5d8287757024731e1459972a5
SHA256

3057cd95930c678cdfb88565bf7343f3367256e20e7e042e77fc2aa33edb69f1
SHA512

7c84c353f85335382b8983a81531197e4f7683ea4104e34dea829ca02660661dd715ec881dca694ca1467dc5a65bad345d87133e8ad28f2ddbcfb371b6456e92
SSDEEP

192:zc/EPtCn44Vp2B+6vT71vOX6enl+Vkmp77sMVu1j6rq8bL8HCi1VroAkcZ:AWCnNpm316xnwTpnDVtq8Ri1VrbbZ

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2b9657c4eb9ea8f2c2c089a722fc7bc1c4a3323ad032fdb5bf7e27708468d18b
- Size
  
  15KB
- MD5
  
  617e04c28636691fa1a6b6a934d4447c
- SHA1
  
  d229158b95a9025b1162f7e802876ec7bd6394bc
- SHA256
  
  2b9657c4eb9ea8f2c2c089a722fc7bc1c4a3323ad032fdb5bf7e27708468d18b
- SHA512
  
  29575ddb6d3b7c8908aca5a079916a36e8d4285cc9b8d486b3d707e0a645bd68a69e110ce3e2094f67b425ae05dc608c0fea6654626f157e90a05de856a2ea56
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYvcPay8T:hDXWipuE+K3/SSHgxmkClT
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2