0549a69c61e8ffc3226d9f9862875ac36dbc1bddb9a70f61e856cc2bb50ce024 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0549a69c61e8ffc3226d9f9862875ac36dbc1bddb9a70f61e856cc2bb50ce024N
Size

1.2MB
Sample

240927-kvxanaxekd
MD5

f449698226d8680720454004e80e0830
SHA1

0a6f7068b54ec2a9fd6da3d11fb8b6dba347672a
SHA256

0549a69c61e8ffc3226d9f9862875ac36dbc1bddb9a70f61e856cc2bb50ce024
SHA512

b651fdc46c83ec4fc3755a62d17edc1c94228eade94214e9d94cf93fd81d68b9111c121eb1c98663a47b74b6729f7936094baf4c2df1338bff6e2a390aba9c32
SSDEEP

12288:d+67XR9JSSxvYGdodH/1CVc1CVIw/bBAJ2:d+6N986Y7twDWo

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0549a69c61e8ffc3226d9f9862875ac36dbc1bddb9a70f61e856cc2bb50ce024N
- Size
  
  1.2MB
- MD5
  
  f449698226d8680720454004e80e0830
- SHA1
  
  0a6f7068b54ec2a9fd6da3d11fb8b6dba347672a
- SHA256
  
  0549a69c61e8ffc3226d9f9862875ac36dbc1bddb9a70f61e856cc2bb50ce024
- SHA512
  
  b651fdc46c83ec4fc3755a62d17edc1c94228eade94214e9d94cf93fd81d68b9111c121eb1c98663a47b74b6729f7936094baf4c2df1338bff6e2a390aba9c32
- SSDEEP
  
  12288:d+67XR9JSSxvYGdodH/1CVc1CVIw/bBAJ2:d+6N986Y7twDWo
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2