275b4c7a3787e93ba71071bf96f82fa2f5fc7d71ffcb76b7592a95f8e86c20af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

275b4c7a3787e93ba71071bf96f82fa2f5fc7d71ffcb76b7592a95f8e86c20af
Size

80KB
Sample

240909-yhyjvayejd
MD5

23490de6c413cab37e95daa98eda45db
SHA1

cabaa66392871efa77b35d6c73ec2fd60c347f8e
SHA256

275b4c7a3787e93ba71071bf96f82fa2f5fc7d71ffcb76b7592a95f8e86c20af
SHA512

f4759433692e477f213505bfe18b40e5a76c1e264493dac5701c90522fd239945f9c1fc0fcbf8e755407139b248c9a080ee0230f4bfafbde0a1f4232ea496f91
SSDEEP

1536:6zfMMkqZPUMRsNFljx5sGOgMsqPhd976zdNE6ecbe1wA2sAVzv:AfMibQPj7Msq5j5cUwAZ4j

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  275b4c7a3787e93ba71071bf96f82fa2f5fc7d71ffcb76b7592a95f8e86c20af
- Size
  
  80KB
- MD5
  
  23490de6c413cab37e95daa98eda45db
- SHA1
  
  cabaa66392871efa77b35d6c73ec2fd60c347f8e
- SHA256
  
  275b4c7a3787e93ba71071bf96f82fa2f5fc7d71ffcb76b7592a95f8e86c20af
- SHA512
  
  f4759433692e477f213505bfe18b40e5a76c1e264493dac5701c90522fd239945f9c1fc0fcbf8e755407139b248c9a080ee0230f4bfafbde0a1f4232ea496f91
- SSDEEP
  
  1536:6zfMMkqZPUMRsNFljx5sGOgMsqPhd976zdNE6ecbe1wA2sAVzv:AfMibQPj7Msq5j5cUwAZ4j
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2