b2696ef9b38ab713dbd41fad108827df5bbc7b1d25b7e4cf4d6273c8fc73bd49 | Triage

Sharing

General

Target

17855629d7298cba9723eecb307fd72a.zip
Size

9KB
Sample

240903-smq3nszeqm
MD5

832a578132d5a39067134651e546ccc9
SHA1

248b18abd1ea2348f763d42a51b125bd677b4a66
SHA256

b2696ef9b38ab713dbd41fad108827df5bbc7b1d25b7e4cf4d6273c8fc73bd49
SHA512

b2c3650d8d94736e8f5ffdd0b283e2956287fc8fa2d0372f1b3135f73203cc4c90211822267d975d52183bbf43cde37451ad778729cd4b396592f5b98a4bda95
SSDEEP

192:Q98G/Wh3aHrXYd5oIyKfQOuT1wqtWmqkXFLAG7cl6Q2NJzi7C:A3u3cI2K45wqtWmqkXdc2jd

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  20150c55b21cd08f2f2749837243a80b48de256f978849fe75fe1f542d965f22
- Size
  
  14KB
- MD5
  
  17855629d7298cba9723eecb307fd72a
- SHA1
  
  a863acd15ba0bed0d0182d058faa408f74fa4dfa
- SHA256
  
  20150c55b21cd08f2f2749837243a80b48de256f978849fe75fe1f542d965f22
- SHA512
  
  ab773410c9ba81d7c3fe7ad6603b8609155a2d7dee7a0c5c292e4c895287da157b0176a5b41c9e12cea0add2572d7e74537e01bdfeb97df3aa5e83c3cd024cd0
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYq44+:hDXWipuE+K3/SSHgxmq44+
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2