0de413544e6266ed32ef894ffb8c44d00dd8bcbfcd5dd709295b9ad38e50b859 | Triage

Sharing

General

Target

0de413544e6266ed32ef894ffb8c44d00dd8bcbfcd5dd709295b9ad38e50b859
Size

1.1MB
Sample

240921-x4dacsyhpp
MD5

72ea84f57ec7914cd5e8beb478531a82
SHA1

22323c68baeb3ca22749b128db512544ad6225b2
SHA256

0de413544e6266ed32ef894ffb8c44d00dd8bcbfcd5dd709295b9ad38e50b859
SHA512

85c0fe92f917fc4cba6a3b54a7086c3a7e91dd404f7a72c8c99914d1168b8726fee1328cf3d3338e61a9ac3456a26f0b377704a791d3cb300b4b31cef2d99cda
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Qw:acallSllG4ZM7QzMH

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0de413544e6266ed32ef894ffb8c44d00dd8bcbfcd5dd709295b9ad38e50b859
- Size
  
  1.1MB
- MD5
  
  72ea84f57ec7914cd5e8beb478531a82
- SHA1
  
  22323c68baeb3ca22749b128db512544ad6225b2
- SHA256
  
  0de413544e6266ed32ef894ffb8c44d00dd8bcbfcd5dd709295b9ad38e50b859
- SHA512
  
  85c0fe92f917fc4cba6a3b54a7086c3a7e91dd404f7a72c8c99914d1168b8726fee1328cf3d3338e61a9ac3456a26f0b377704a791d3cb300b4b31cef2d99cda
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Qw:acallSllG4ZM7QzMH
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2