aff51afe2ea097d78ac708ccbff1e1fe1fbc1b8f6b0df3eb8623ce8e5f8397c3 | Triage

Sharing

General

Target

aff51afe2ea097d78ac708ccbff1e1fe1fbc1b8f6b0df3eb8623ce8e5f8397c3N
Size

59KB
Sample

240919-f7tcbatbpr
MD5

88ae37ea5d5e4d41cd54176052a1a6d0
SHA1

2466267368a278288ec404e352676739e2d44adf
SHA256

aff51afe2ea097d78ac708ccbff1e1fe1fbc1b8f6b0df3eb8623ce8e5f8397c3
SHA512

c5eb635e529f4372e56af6758900659c61848e64cd181c6df1f903d1fe23a9072631d9ae344c7388334de7b1503792aa20707a3f19271aceb11898d9fe3b2687
SSDEEP

384:PsjPGY2HXgrk8YhQ98E8I1XAV/QcaYpATUgch1A9NB/erxRXkoA:PePG5H8+hKD8ISZQjkgs1lxRjA

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  aff51afe2ea097d78ac708ccbff1e1fe1fbc1b8f6b0df3eb8623ce8e5f8397c3N
- Size
  
  59KB
- MD5
  
  88ae37ea5d5e4d41cd54176052a1a6d0
- SHA1
  
  2466267368a278288ec404e352676739e2d44adf
- SHA256
  
  aff51afe2ea097d78ac708ccbff1e1fe1fbc1b8f6b0df3eb8623ce8e5f8397c3
- SHA512
  
  c5eb635e529f4372e56af6758900659c61848e64cd181c6df1f903d1fe23a9072631d9ae344c7388334de7b1503792aa20707a3f19271aceb11898d9fe3b2687
- SSDEEP
  
  384:PsjPGY2HXgrk8YhQ98E8I1XAV/QcaYpATUgch1A9NB/erxRXkoA:PePG5H8+hKD8ISZQjkgs1lxRjA
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2