1079163da0ce8224e90265f476771329276d2b2135c9df28720e85ee5bc608fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36dfd2ae0756140df3f197a551c338eb.zip
Size

9KB
Sample

240903-ygpwbawerg
MD5

dda5d773073da4259d8bc715833e4556
SHA1

9df5d285054a886a32c8acca750ac15c2bdf6743
SHA256

1079163da0ce8224e90265f476771329276d2b2135c9df28720e85ee5bc608fa
SHA512

1ff4df1f719b292444e283923a91b18a2ebc1ae9910a30f6f79be116b475f330dc26d71b8daa5c9515a525ba9bf099d36f1a1fd8da98c0e85e0feb75896d5041
SSDEEP

192:sVrNpAgqlkXLohLSipiI4aiQbwxFETIIRkCQfK2W1Io9yZ:sVhpdqsL3ipiFazbwAhV2KhyZ

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  4b54baf3ec870bc96751bd8fa25ef2e2f2dc30f19f386ff446cdc7b251f06c80
- Size
  
  14KB
- MD5
  
  36dfd2ae0756140df3f197a551c338eb
- SHA1
  
  f68fc3cc343b8df780b3e63162e79411f24c6921
- SHA256
  
  4b54baf3ec870bc96751bd8fa25ef2e2f2dc30f19f386ff446cdc7b251f06c80
- SHA512
  
  cec3d2d0b1317d00281f9685bdd3c600540b7c83491351cf7f55ec7b721f0ebf0e8223023be494d691aa77300ad967e7e9ab11e887a8d6d2dbad83c6485ec265
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yh5RAnw:hDXWipuE+K3/SSHgxX
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2