19aedf18d48b973d9859dfb5547568a71d71255a5404bafc1d328b269f30ec25 | Triage

Sharing

General

Target

19aedf18d48b973d9859dfb5547568a71d71255a5404bafc1d328b269f30ec25N
Size

40KB
Sample

240930-z87e4szdmd
MD5

bc8fa93d6e599119ebfdce3fc70edd00
SHA1

b24f296f5eb991c2db8ff2113d8371ff8a8ec569
SHA256

19aedf18d48b973d9859dfb5547568a71d71255a5404bafc1d328b269f30ec25
SHA512

6e78ab50278fdefe9c0fc3f5d1e8a2a67602f83ddf4d4ad7e02fead71ba4f9b9104394475b7d435b431621e6370844997142c3adbcc370b6dd4b7b84eeb319c4
SSDEEP

384:MApc8m4e0LvQac4JI341CNabnkIU0Sq0yDAYe:MApQr0LvddJI34nTkIU0EyTe

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  19aedf18d48b973d9859dfb5547568a71d71255a5404bafc1d328b269f30ec25N
- Size
  
  40KB
- MD5
  
  bc8fa93d6e599119ebfdce3fc70edd00
- SHA1
  
  b24f296f5eb991c2db8ff2113d8371ff8a8ec569
- SHA256
  
  19aedf18d48b973d9859dfb5547568a71d71255a5404bafc1d328b269f30ec25
- SHA512
  
  6e78ab50278fdefe9c0fc3f5d1e8a2a67602f83ddf4d4ad7e02fead71ba4f9b9104394475b7d435b431621e6370844997142c3adbcc370b6dd4b7b84eeb319c4
- SSDEEP
  
  384:MApc8m4e0LvQac4JI341CNabnkIU0Sq0yDAYe:MApQr0LvddJI34nTkIU0EyTe
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2