25916fc805e23ff4a605a51ddb8d191eb003f8719833ed0a28b22f055b138496 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25916fc805e23ff4a605a51ddb8d191eb003f8719833ed0a28b22f055b138496
Size

47KB
Sample

240902-ydqcnsxbka
MD5

6cde67137708132734c1ba0341866632
SHA1

6144591987850a3c962bcafab7ce03e868923df5
SHA256

25916fc805e23ff4a605a51ddb8d191eb003f8719833ed0a28b22f055b138496
SHA512

6cedcb20ffa76fd26c33ad7b092d95e25190686a1583ab56af8297d54d4551b5119222965379d0233bcb22d8c0b5e6d5e6d86b33e91e57a05a9881189236e1e6
SSDEEP

768:CnnOWEvtPvkFk58sCu84euZR5FbrGePc/3FttKAeiXDC:CnOtvtPf58k8GtBSXtKALDC

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  25916fc805e23ff4a605a51ddb8d191eb003f8719833ed0a28b22f055b138496
- Size
  
  47KB
- MD5
  
  6cde67137708132734c1ba0341866632
- SHA1
  
  6144591987850a3c962bcafab7ce03e868923df5
- SHA256
  
  25916fc805e23ff4a605a51ddb8d191eb003f8719833ed0a28b22f055b138496
- SHA512
  
  6cedcb20ffa76fd26c33ad7b092d95e25190686a1583ab56af8297d54d4551b5119222965379d0233bcb22d8c0b5e6d5e6d86b33e91e57a05a9881189236e1e6
- SSDEEP
  
  768:CnnOWEvtPvkFk58sCu84euZR5FbrGePc/3FttKAeiXDC:CnOtvtPf58k8GtBSXtKALDC
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2