ef4c9172b1eff1cd86947b0a74f9680f819e3cb296325b432054e00d71b30842 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f841814a1a99524b5e3633f528099e8c.zip
Size

9KB
Sample

240902-2pnvrszhrb
MD5

c038fa8c3f3eb80cb25bbee5d4b79e5a
SHA1

05043f0672e6256c6f44a39827a6a7a14a448b7b
SHA256

ef4c9172b1eff1cd86947b0a74f9680f819e3cb296325b432054e00d71b30842
SHA512

823e3e972b777d58b77b841a6970313055a2a00d094f074c91e1bd043581055930692b5ed45437a6606a170ab7f70ca00e02060a6e5bd51c7304b20ba1dd2201
SSDEEP

192:/4CyGYkrY9fPddTiCTqcefuf5de1pA4AWDQRk24Yq8Y6aXkHeRB864vfCS:/4Hx3PdN/tXe7AnWoTq8Y6lHeRB86cqS

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  af0a82ea7d3193f3998b7a392aded85f528b49504a5801be19df51d8fd64158d
- Size
  
  14KB
- MD5
  
  f841814a1a99524b5e3633f528099e8c
- SHA1
  
  74a1e8db4a763ecde78d4109dc42eb871771d7d5
- SHA256
  
  af0a82ea7d3193f3998b7a392aded85f528b49504a5801be19df51d8fd64158d
- SHA512
  
  ae83a8ab2db9f6eadc23b68285958427f7f3fe3a73910bbe6d4e92c67364f2951a0d2054fb5cb250488890d96e310480359e5fa1656d5945be92e94e36a53b28
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhXt0Hk:hDXWipuE+K3/SSHgxgHk
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2