47967c1fb402a8536ccde5893855b5cf9283c352165fcfd31ef943e0babafa92 | Triage

Sharing

General

Target

installer.exe
Size

7.0MB
Sample

240925-lxyryasbmb
MD5

be8f30f145ddb50fa3c05441af904cc5
SHA1

618ea25eff7dee7c24e1756e327180818c11b7a1
SHA256

47967c1fb402a8536ccde5893855b5cf9283c352165fcfd31ef943e0babafa92
SHA512

ec257216349f4d3a0581f5f8c46b09b0821b3ab9ac17310baa17a30d8eb82301828bf257f6652a271d577e0c1fb0bfea07aeab36be603cfa5e8326db946368cb
SSDEEP

196608:yNLPaPVczkhJixJ3ra9ai+QK3lo9rtiO6SzyVumyN:YyxhJkNra9l+QgyOAyVC

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  installer.exe
- Size
  
  7.0MB
- MD5
  
  be8f30f145ddb50fa3c05441af904cc5
- SHA1
  
  618ea25eff7dee7c24e1756e327180818c11b7a1
- SHA256
  
  47967c1fb402a8536ccde5893855b5cf9283c352165fcfd31ef943e0babafa92
- SHA512
  
  ec257216349f4d3a0581f5f8c46b09b0821b3ab9ac17310baa17a30d8eb82301828bf257f6652a271d577e0c1fb0bfea07aeab36be603cfa5e8326db946368cb
- SSDEEP
  
  196608:yNLPaPVczkhJixJ3ra9ai+QK3lo9rtiO6SzyVumyN:YyxhJkNra9l+QgyOAyVC
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery