072c2e99429b7b3b0e421fd54911241d2eabeadd2dfe89d92899a2b406a48b57 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

072c2e99429b7b3b0e421fd54911241d2eabeadd2dfe89d92899a2b406a48b57
Size

22KB
Sample

240914-w3rwpaycnm
MD5

35e1da9d75172743eaa20a006ebf281a
SHA1

03194e6f9732b414e4c5a391de553e0ba77d6fb2
SHA256

072c2e99429b7b3b0e421fd54911241d2eabeadd2dfe89d92899a2b406a48b57
SHA512

975e6a18acad06a467afbb3ffeeb553d0041013b5f4be1dba84739ad4f6d078a0062b38c724ca1c1e125afbdc89af8992b3dd90a3c04c7ea911940115e23b9bf
SSDEEP

384:2p/c7+UldIjKDKYJZd1WwKoYe68ZS6jKFWY:A/E+UlejKbjWwKtUZS6O

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  072c2e99429b7b3b0e421fd54911241d2eabeadd2dfe89d92899a2b406a48b57
- Size
  
  22KB
- MD5
  
  35e1da9d75172743eaa20a006ebf281a
- SHA1
  
  03194e6f9732b414e4c5a391de553e0ba77d6fb2
- SHA256
  
  072c2e99429b7b3b0e421fd54911241d2eabeadd2dfe89d92899a2b406a48b57
- SHA512
  
  975e6a18acad06a467afbb3ffeeb553d0041013b5f4be1dba84739ad4f6d078a0062b38c724ca1c1e125afbdc89af8992b3dd90a3c04c7ea911940115e23b9bf
- SSDEEP
  
  384:2p/c7+UldIjKDKYJZd1WwKoYe68ZS6jKFWY:A/E+UlejKbjWwKtUZS6O
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2