58b70699a1e9794e968dda61f28c89fe41e217f57e38c143ef85e85376d39928 | Triage

Sharing

General

Target

88bde0e624f818cc111309f8fa462190N.exe
Size

52KB
Sample

240905-pr17na1bpr
MD5

88bde0e624f818cc111309f8fa462190
SHA1

f1b0e01da74b62e04b9ffc34cf15d15b0807ec67
SHA256

58b70699a1e9794e968dda61f28c89fe41e217f57e38c143ef85e85376d39928
SHA512

a8c30ef357c0a99a0c47b82a1988df7bbe10ed276ccb144e415d68106b8f5b7ba477167d2a99742cbc40258e7cfb2fdb5e376fe5e155893ab2de19701a1c0c4d
SSDEEP

768:jJEHIzP41G5GNx00lRZNGu1ioXqFQnb5FAAMWlOwOq:jJYoP+dNx9LZ0YbXTmAMWUBq

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  88bde0e624f818cc111309f8fa462190N.exe
- Size
  
  52KB
- MD5
  
  88bde0e624f818cc111309f8fa462190
- SHA1
  
  f1b0e01da74b62e04b9ffc34cf15d15b0807ec67
- SHA256
  
  58b70699a1e9794e968dda61f28c89fe41e217f57e38c143ef85e85376d39928
- SHA512
  
  a8c30ef357c0a99a0c47b82a1988df7bbe10ed276ccb144e415d68106b8f5b7ba477167d2a99742cbc40258e7cfb2fdb5e376fe5e155893ab2de19701a1c0c4d
- SSDEEP
  
  768:jJEHIzP41G5GNx00lRZNGu1ioXqFQnb5FAAMWlOwOq:jJYoP+dNx9LZ0YbXTmAMWUBq
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2