b87d54cf85a9fbd0722c28caacd7b6e59d759d81becb634c98a26983bc46be1f | Triage

Sharing

General

Target

b87d54cf85a9fbd0722c28caacd7b6e59d759d81becb634c98a26983bc46be1fN
Size

36KB
Sample

240919-fs8hpasfjq
MD5

15a0846b2a721f78d5deff6641c38f00
SHA1

46b9be861e14dda3e63384dd6924fc48867f798f
SHA256

b87d54cf85a9fbd0722c28caacd7b6e59d759d81becb634c98a26983bc46be1f
SHA512

70c5cf63d4209d2c75e5a140956bf16d436e186eb9617f6fe823cf4a204844d68e5d2b056f6452a947e4e71b39c5e1a7954e135dfb366e082d8a55327aadf5e4
SSDEEP

384:MApc8m4e0GvQak4JI341C0abnk6hJPohjLmyGF:MApQr0GvdFJI34qTk6hJPoVi3

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b87d54cf85a9fbd0722c28caacd7b6e59d759d81becb634c98a26983bc46be1fN
- Size
  
  36KB
- MD5
  
  15a0846b2a721f78d5deff6641c38f00
- SHA1
  
  46b9be861e14dda3e63384dd6924fc48867f798f
- SHA256
  
  b87d54cf85a9fbd0722c28caacd7b6e59d759d81becb634c98a26983bc46be1f
- SHA512
  
  70c5cf63d4209d2c75e5a140956bf16d436e186eb9617f6fe823cf4a204844d68e5d2b056f6452a947e4e71b39c5e1a7954e135dfb366e082d8a55327aadf5e4
- SSDEEP
  
  384:MApc8m4e0GvQak4JI341C0abnk6hJPohjLmyGF:MApQr0GvdFJI34qTk6hJPoVi3
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2