2b3c09742aa9529648d047d17021df871f03e166892d08c511f6d73d0fe8a42a | Triage

Sharing

General

Target

2b3c09742aa9529648d047d17021df871f03e166892d08c511f6d73d0fe8a42a
Size

1.1MB
Sample

240925-x3jqrawelf
MD5

5edf7e58ada43bd9abb991ac8523855d
SHA1

187eda7eb302f457f4001e5aa1b5a1ed606466c0
SHA256

2b3c09742aa9529648d047d17021df871f03e166892d08c511f6d73d0fe8a42a
SHA512

8d746d01306837127d43af3701b9d302993964cb75151a66bde8c5b2c691f1e84ebbe1faff2e197ccd844065a87290d794cecafa526258b497412e071f0532b1
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5QB:acallSllG4ZM7QzMS

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2b3c09742aa9529648d047d17021df871f03e166892d08c511f6d73d0fe8a42a
- Size
  
  1.1MB
- MD5
  
  5edf7e58ada43bd9abb991ac8523855d
- SHA1
  
  187eda7eb302f457f4001e5aa1b5a1ed606466c0
- SHA256
  
  2b3c09742aa9529648d047d17021df871f03e166892d08c511f6d73d0fe8a42a
- SHA512
  
  8d746d01306837127d43af3701b9d302993964cb75151a66bde8c5b2c691f1e84ebbe1faff2e197ccd844065a87290d794cecafa526258b497412e071f0532b1
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5QB:acallSllG4ZM7QzMS
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2