1dad7bf7816c4d2f0a5c059fcd735c1dd37d545e6bdc96d7181170cf44f3d16e | Triage

Sharing

General

Target

1dad7bf7816c4d2f0a5c059fcd735c1dd37d545e6bdc96d7181170cf44f3d16e
Size

1.1MB
Sample

240929-xvd6aswgqq
MD5

00664a8abbceb2449988e77f8c2201e3
SHA1

200ce64e950ab791c32c54335328e344ac1366b4
SHA256

1dad7bf7816c4d2f0a5c059fcd735c1dd37d545e6bdc96d7181170cf44f3d16e
SHA512

7e0831203faf6c350f2bfd9840eec3e6f2efc45f8369ac575fd368eb730d18beb19cb53e97f2c7f13f9b294e58e480099657b842f04aa014a84a0a1611379ecd
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Qd:acallSllG4ZM7QzMG

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  1dad7bf7816c4d2f0a5c059fcd735c1dd37d545e6bdc96d7181170cf44f3d16e
- Size
  
  1.1MB
- MD5
  
  00664a8abbceb2449988e77f8c2201e3
- SHA1
  
  200ce64e950ab791c32c54335328e344ac1366b4
- SHA256
  
  1dad7bf7816c4d2f0a5c059fcd735c1dd37d545e6bdc96d7181170cf44f3d16e
- SHA512
  
  7e0831203faf6c350f2bfd9840eec3e6f2efc45f8369ac575fd368eb730d18beb19cb53e97f2c7f13f9b294e58e480099657b842f04aa014a84a0a1611379ecd
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Qd:acallSllG4ZM7QzMG
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2