840ec715673dfec31d0db4a240e77ec0885eadc5d8225fae29b43e7eedcb0b9d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

840ec715673dfec31d0db4a240e77ec0885eadc5d8225fae29b43e7eedcb0b9d
Size

1.1MB
Sample

240913-2624qavekh
MD5

f6b442beb4dd9fabcc8432a2c9d48546
SHA1

ea03754ef2a4568ac64269190f8b4f307386aa6d
SHA256

840ec715673dfec31d0db4a240e77ec0885eadc5d8225fae29b43e7eedcb0b9d
SHA512

e77e7f8af9b307a3418f76a563e6d3d2fe986e97e741cce7d1ace9cb78634370c40533ee8ade3c6cb8f8ebc156dfb3456961469ddd04ad73042e4242d03e7bed
SSDEEP

24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Qz:CcaClSFlG4ZM7QzMk

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  840ec715673dfec31d0db4a240e77ec0885eadc5d8225fae29b43e7eedcb0b9d
- Size
  
  1.1MB
- MD5
  
  f6b442beb4dd9fabcc8432a2c9d48546
- SHA1
  
  ea03754ef2a4568ac64269190f8b4f307386aa6d
- SHA256
  
  840ec715673dfec31d0db4a240e77ec0885eadc5d8225fae29b43e7eedcb0b9d
- SHA512
  
  e77e7f8af9b307a3418f76a563e6d3d2fe986e97e741cce7d1ace9cb78634370c40533ee8ade3c6cb8f8ebc156dfb3456961469ddd04ad73042e4242d03e7bed
- SSDEEP
  
  24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Qz:CcaClSFlG4ZM7QzMk
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2