97abef4357a00475a77f77f1eb242089ad51071a5b859f1819edf4185b5139fb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

OptimumSpringer.zip
Size

1.1MB
Sample

240921-d1r5kasgre
MD5

ed223aa432c5ab9cc8417ae60dccd867
SHA1

af64877d04fdff5c17f9272029c765c2ea9b0293
SHA256

97abef4357a00475a77f77f1eb242089ad51071a5b859f1819edf4185b5139fb
SHA512

0ca6908b70dca2bdc41bc3c8992ae1ccee27f588f4969df4265b145224078c7f33234feda4ef36182388bc85da5841c49c3954e539a78d7d1c3796f12d8967c1
SSDEEP

24576:rm2OUeqlP45dotisa1BkqyZXg7dgDct7TPYxlz6CIi8stvTCwnCrG0:yhq25doeyZEds1vTw9

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  OptimumSpringer.exe
- Size
  
  1.1MB
- MD5
  
  8ffbf214d7454bf128090a8c8d153a47
- SHA1
  
  8f6abf4182fdc434439d465ef441daca7da139f5
- SHA256
  
  7743ae136468fc1d3877c8cbdbdc169d8bfd6a073412094b8619046d35c7bf1b
- SHA512
  
  af4ac5dead117befdc1a951a3bd78469bc50d046c90b583e14fa2a2b0bec243fe7dc6197804dfe2608bd13ca25f245e1c5f51ce1df4ac092a3c831498f5fe8a9
- SSDEEP
  
  24576:DzZ7m6L/msMbFWOV0shoxA4KHhjTV0zk9pRQsLWJL1Hbv:DJFLgw80shwAT/V0OQAkL1v
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2