3a197db39a7b1ab803901b188d9c75982b04ec6f8dfe2b4f53eab8dcee1aef47 | Triage

Sharing

General

Target

3a197db39a7b1ab803901b188d9c75982b04ec6f8dfe2b4f53eab8dcee1aef47N
Size

89KB
Sample

240919-gy1wgavard
MD5

7aca3fb79b80c626d0aea2fc2dc5d580
SHA1

c1c038c4706590bc580ddbb35d3e62363b3cc2fd
SHA256

3a197db39a7b1ab803901b188d9c75982b04ec6f8dfe2b4f53eab8dcee1aef47
SHA512

8758668822aabeb723865384357679b14eb75dc229524a10fe7e3046af7c59c8b49a91a0fa83916c983179faafa4c70f51f931d1494d57ec325b124d33c1d7e4
SSDEEP

1536:ozfMMkPZE1J7S6/PMj42VJEY4ujMepJtANuOAl0QQsIEySYndfc6QkAbt7:+fMNE1JG6XMk27EbpOthl0ZUed06QTx

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3a197db39a7b1ab803901b188d9c75982b04ec6f8dfe2b4f53eab8dcee1aef47N
- Size
  
  89KB
- MD5
  
  7aca3fb79b80c626d0aea2fc2dc5d580
- SHA1
  
  c1c038c4706590bc580ddbb35d3e62363b3cc2fd
- SHA256
  
  3a197db39a7b1ab803901b188d9c75982b04ec6f8dfe2b4f53eab8dcee1aef47
- SHA512
  
  8758668822aabeb723865384357679b14eb75dc229524a10fe7e3046af7c59c8b49a91a0fa83916c983179faafa4c70f51f931d1494d57ec325b124d33c1d7e4
- SSDEEP
  
  1536:ozfMMkPZE1J7S6/PMj42VJEY4ujMepJtANuOAl0QQsIEySYndfc6QkAbt7:+fMNE1JG6XMk27EbpOthl0ZUed06QTx
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2