588ba2a946df4cb0059f7a70f7fc564b3f7ea2bdbdd99eca47951df754e989ec | Triage

Sharing

Copy URL Twitter E-mail

General

Target

588ba2a946df4cb0059f7a70f7fc564b3f7ea2bdbdd99eca47951df754e989ec
Size

53KB
Sample

240929-1g1c6a1hkk
MD5

c9e59d8b8aab9d168ec41029c4396c3c
SHA1

cdb5f5d46f7d98ce95c8f1ff1a37361bff9154c0
SHA256

588ba2a946df4cb0059f7a70f7fc564b3f7ea2bdbdd99eca47951df754e989ec
SHA512

bd7f58347dd66a55af60867d38014b2c0743f9eb1beb6cf607d1d6f611981cafe90864b4943e41df17f51a5f69167678e873a97163e96e12d1d448c5ca6e6894
SSDEEP

1536:4NGg8r8QHgdxoan7Kp3StjEMjmLM3ztDJWZsXy4JzxPME:3gdx3nJJjmLM3zRJWZsXy4Jt

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  588ba2a946df4cb0059f7a70f7fc564b3f7ea2bdbdd99eca47951df754e989ec
- Size
  
  53KB
- MD5
  
  c9e59d8b8aab9d168ec41029c4396c3c
- SHA1
  
  cdb5f5d46f7d98ce95c8f1ff1a37361bff9154c0
- SHA256
  
  588ba2a946df4cb0059f7a70f7fc564b3f7ea2bdbdd99eca47951df754e989ec
- SHA512
  
  bd7f58347dd66a55af60867d38014b2c0743f9eb1beb6cf607d1d6f611981cafe90864b4943e41df17f51a5f69167678e873a97163e96e12d1d448c5ca6e6894
- SSDEEP
  
  1536:4NGg8r8QHgdxoan7Kp3StjEMjmLM3ztDJWZsXy4JzxPME:3gdx3nJJjmLM3zRJWZsXy4Jt
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2