6bea1931fa6e555137cc6f15593856a5bf2f1445df702f766e3454defa3036f1 | Triage

Sharing

General

Target

1d057ebb99d1c533f8fc7d76e1687920N
Size

9.1MB
Sample

240911-q9bv6atgjr
MD5

1d057ebb99d1c533f8fc7d76e1687920
SHA1

9c71e33cfe73d3f31c1e502e293cd08af7d49f80
SHA256

6bea1931fa6e555137cc6f15593856a5bf2f1445df702f766e3454defa3036f1
SHA512

c062d1e4842825eb70e968ef68b37f40c121940cbbc42700080d0f869efa92452531275108b3d7b1a8b147ec9050926c7f29a1fab6f1a5624d54a6823c4f4ab3
SSDEEP

196608:Xlbrq3GhKGcRHaL5fjsteMmFIfxcDNvUpUWiHoZyEAZ+FcAjoSZVW:XlbW3GhQZapemOcpUpUWiHowMcWoOM

Score

6^/10

defense_evasion discovery execution

Malware Config

Targets

- Target
  
  1d057ebb99d1c533f8fc7d76e1687920N
- Size
  
  9.1MB
- MD5
  
  1d057ebb99d1c533f8fc7d76e1687920
- SHA1
  
  9c71e33cfe73d3f31c1e502e293cd08af7d49f80
- SHA256
  
  6bea1931fa6e555137cc6f15593856a5bf2f1445df702f766e3454defa3036f1
- SHA512
  
  c062d1e4842825eb70e968ef68b37f40c121940cbbc42700080d0f869efa92452531275108b3d7b1a8b147ec9050926c7f29a1fab6f1a5624d54a6823c4f4ab3
- SSDEEP
  
  196608:Xlbrq3GhKGcRHaL5fjsteMmFIfxcDNvUpUWiHoZyEAZ+FcAjoSZVW:XlbW3GhQZapemOcpUpUWiHowMcWoOM
Score

6^/10

defense_evasion discovery execution
- Downloads MZ/PE file
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryexecution

behavioral2

defense_evasiondiscoveryexecution