a05e5f27c77a04b66b6bd8a6e8028c4972ddac94eb4e954228c0b0e7fb5f0cbf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4918da40aac339a410da76ebabb87cc0N.exe
Size

44KB
Sample

240913-yb6a4svgkc
MD5

4918da40aac339a410da76ebabb87cc0
SHA1

d11a2897d7db9304ffbcfafe7ad8da0bbd9293a1
SHA256

a05e5f27c77a04b66b6bd8a6e8028c4972ddac94eb4e954228c0b0e7fb5f0cbf
SHA512

427de382c45654a25e545ef5ea7c5f6e98bc2b1ab474968e7b3554644248146c52830396d2a4d2cfe810797abad6597c2ee7434dac58d70723883c3e25dde6c9
SSDEEP

384:IL1d8xSrN1g7xKudNdtADaM4E7FBoU+BH9eW:Igx+WxKuMDaMpZiU6eW

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  4918da40aac339a410da76ebabb87cc0N.exe
- Size
  
  44KB
- MD5
  
  4918da40aac339a410da76ebabb87cc0
- SHA1
  
  d11a2897d7db9304ffbcfafe7ad8da0bbd9293a1
- SHA256
  
  a05e5f27c77a04b66b6bd8a6e8028c4972ddac94eb4e954228c0b0e7fb5f0cbf
- SHA512
  
  427de382c45654a25e545ef5ea7c5f6e98bc2b1ab474968e7b3554644248146c52830396d2a4d2cfe810797abad6597c2ee7434dac58d70723883c3e25dde6c9
- SSDEEP
  
  384:IL1d8xSrN1g7xKudNdtADaM4E7FBoU+BH9eW:Igx+WxKuMDaMpZiU6eW
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2