0ba41cf75f7e9e52c5cacbcb66b02eb30e0608599fd8a17ed4b90f2450c470d1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ba41cf75f7e9e52c5cacbcb66b02eb30e0608599fd8a17ed4b90f2450c470d1
Size

1.1MB
Sample

240928-xt72zsvbra
MD5

dd4d7abeac4fd419ef3ebb557e7e347c
SHA1

b96eab58c7432eef3fc47f9bf603affb07cf3531
SHA256

0ba41cf75f7e9e52c5cacbcb66b02eb30e0608599fd8a17ed4b90f2450c470d1
SHA512

91afa7cf7e320e6dc7bc9ee4ea77602a641cce282133e9f7417716aa073b075adb7fb0cfdbfafc589658344c309e73eb6f67d0c78e3c8051c6b2fe378b5f9da1
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Q2:acallSllG4ZM7QzMN

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0ba41cf75f7e9e52c5cacbcb66b02eb30e0608599fd8a17ed4b90f2450c470d1
- Size
  
  1.1MB
- MD5
  
  dd4d7abeac4fd419ef3ebb557e7e347c
- SHA1
  
  b96eab58c7432eef3fc47f9bf603affb07cf3531
- SHA256
  
  0ba41cf75f7e9e52c5cacbcb66b02eb30e0608599fd8a17ed4b90f2450c470d1
- SHA512
  
  91afa7cf7e320e6dc7bc9ee4ea77602a641cce282133e9f7417716aa073b075adb7fb0cfdbfafc589658344c309e73eb6f67d0c78e3c8051c6b2fe378b5f9da1
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Q2:acallSllG4ZM7QzMN
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2