b18216f40fae755f0725c31fa5604503f2efdb9b241726459d0ddff598ee35d8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95bf673ece8d84b1ca2957bd3dd6b360N
Size

9.1MB
Sample

240907-2c8dmsyepj
MD5

95bf673ece8d84b1ca2957bd3dd6b360
SHA1

31aeca2299005fad7b9018645c060225fef009e9
SHA256

b18216f40fae755f0725c31fa5604503f2efdb9b241726459d0ddff598ee35d8
SHA512

71f7c83f0f9c8912398fc63ec45b66fa3244ffb5dd571a726917ca2e7615e0eca770ec886d3fd39cabdfe1ca104aaeea105aff5eb5122f0741c09ecd4f698ad9
SSDEEP

196608:vwb153qM/06lUUgE5B30mhUKSv2RUpUWiHoZyEAZ+FcAjoSZl:vwb73qML5fXh9gmUpUWiHowMcWoO

Score

8^/10

defense_evasion discovery execution

Malware Config

Targets

- Target
  
  95bf673ece8d84b1ca2957bd3dd6b360N
- Size
  
  9.1MB
- MD5
  
  95bf673ece8d84b1ca2957bd3dd6b360
- SHA1
  
  31aeca2299005fad7b9018645c060225fef009e9
- SHA256
  
  b18216f40fae755f0725c31fa5604503f2efdb9b241726459d0ddff598ee35d8
- SHA512
  
  71f7c83f0f9c8912398fc63ec45b66fa3244ffb5dd571a726917ca2e7615e0eca770ec886d3fd39cabdfe1ca104aaeea105aff5eb5122f0741c09ecd4f698ad9
- SSDEEP
  
  196608:vwb153qM/06lUUgE5B30mhUKSv2RUpUWiHoZyEAZ+FcAjoSZl:vwb73qML5fXh9gmUpUWiHowMcWoO
Score

8^/10

defense_evasion discovery execution
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryexecution

behavioral2

defense_evasiondiscoveryexecution