151869c507cc328addc531df01b4b659d929df630e719267d2f52397a4d914c0 | Triage

Sharing

General

Target

Andromeda‌‌‌ BY @STRANGEMALWARE.exe
Size

11.7MB
Sample

240921-vfcykssgnc
MD5

2d74c0773274a5a26452a58597b71dae
SHA1

eb55c987262efad46d4ee1368c947d82defcb0b5
SHA256

151869c507cc328addc531df01b4b659d929df630e719267d2f52397a4d914c0
SHA512

0c0758fe0667bc62bbb09e8a34345cd4605e1c9e938c7aeb6e92583fd4616bf092898ce41e61184d5f8d055e6eede42e6803be21a4e1b077462d0d4c4339f4ba
SSDEEP

196608:WzIuGN2e2/PEIr9dpoKjT+uwVkSWO2t0c+gWzs634rS0gQfx+vD7clrfj1Y:WFA2JnjrpoKjTB+HWORcxWQVrSkAgl/

Score

7^/10

Malware Config

Targets

- Target
  
  Andromeda‌‌‌ BY @STRANGEMALWARE.exe
- Size
  
  11.7MB
- MD5
  
  2d74c0773274a5a26452a58597b71dae
- SHA1
  
  eb55c987262efad46d4ee1368c947d82defcb0b5
- SHA256
  
  151869c507cc328addc531df01b4b659d929df630e719267d2f52397a4d914c0
- SHA512
  
  0c0758fe0667bc62bbb09e8a34345cd4605e1c9e938c7aeb6e92583fd4616bf092898ce41e61184d5f8d055e6eede42e6803be21a4e1b077462d0d4c4339f4ba
- SSDEEP
  
  196608:WzIuGN2e2/PEIr9dpoKjT+uwVkSWO2t0c+gWzs634rS0gQfx+vD7clrfj1Y:WFA2JnjrpoKjTB+HWORcxWQVrSkAgl/
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2