4989882339d745692eabe0a375d8cecd6e7e3af534cd1173d94867b8d069cd7f | Triage

Sharing

General

Target

4989882339d745692eabe0a375d8cecd6e7e3af534cd1173d94867b8d069cd7f
Size

2.0MB
Sample

240904-qh4f4asaqe
MD5

ce92fc90e5b4387531b7875fb57158d3
SHA1

cd2e458f49db5575e0e9015a07faab6e43bc2d61
SHA256

4989882339d745692eabe0a375d8cecd6e7e3af534cd1173d94867b8d069cd7f
SHA512

8854cb96fd90b0a5316f49f78b39e66465de3f935c6365c77fc26fcc2b5254ba0c1f08203ccdb9c955725d1f0ccacf9f02f32811c831998b8323450319cd61b3
SSDEEP

24576:FKrzksL207JGXwCBB+aDYfNucQ8sSNJTjiOLuo+Gq7OWVp4i3rHnP/v6vB7HQ4AV:QVpdwqqOLnQ3baBSxKG1ysjTH

Score

7^/10

defense_evasion

Malware Config

Targets

- Target
  
  4989882339d745692eabe0a375d8cecd6e7e3af534cd1173d94867b8d069cd7f
- Size
  
  2.0MB
- MD5
  
  ce92fc90e5b4387531b7875fb57158d3
- SHA1
  
  cd2e458f49db5575e0e9015a07faab6e43bc2d61
- SHA256
  
  4989882339d745692eabe0a375d8cecd6e7e3af534cd1173d94867b8d069cd7f
- SHA512
  
  8854cb96fd90b0a5316f49f78b39e66465de3f935c6365c77fc26fcc2b5254ba0c1f08203ccdb9c955725d1f0ccacf9f02f32811c831998b8323450319cd61b3
- SSDEEP
  
  24576:FKrzksL207JGXwCBB+aDYfNucQ8sSNJTjiOLuo+Gq7OWVp4i3rHnP/v6vB7HQ4AV:QVpdwqqOLnQ3baBSxKG1ysjTH
Score

7^/10

defense_evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deobfuscate/Decode Files or Information
  Payload decoded via CertUtil.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Deobfuscate/Decode Files or Information

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasion

behavioral2

defense_evasion