af12692a68de7a9e9b06b4ef4f250059d343d9f4448eb7b34d84d9224cd1a3cc | Triage

Sharing

General

Target

af12692a68de7a9e9b06b4ef4f250059d343d9f4448eb7b34d84d9224cd1a3ccN
Size

519KB
Sample

241001-bkbfrsxfkb
MD5

90c22099cf3775b2a1b7b2c500b6af40
SHA1

a6a4ffa617cdce17c08272543549c70e1aca4df5
SHA256

af12692a68de7a9e9b06b4ef4f250059d343d9f4448eb7b34d84d9224cd1a3cc
SHA512

2b89dbc2e5b68f6d0e8424306772f5f8b06d7e7f0a54da848779d3511e3bc3e5489ce0a52e1ed1f73e16787699ae512b975db9f52a3038f8547b57522372b0e9
SSDEEP

3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxY:dqDAwl0xPTMiR9JSSxPUKYGdodHX

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  af12692a68de7a9e9b06b4ef4f250059d343d9f4448eb7b34d84d9224cd1a3ccN
- Size
  
  519KB
- MD5
  
  90c22099cf3775b2a1b7b2c500b6af40
- SHA1
  
  a6a4ffa617cdce17c08272543549c70e1aca4df5
- SHA256
  
  af12692a68de7a9e9b06b4ef4f250059d343d9f4448eb7b34d84d9224cd1a3cc
- SHA512
  
  2b89dbc2e5b68f6d0e8424306772f5f8b06d7e7f0a54da848779d3511e3bc3e5489ce0a52e1ed1f73e16787699ae512b975db9f52a3038f8547b57522372b0e9
- SSDEEP
  
  3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxY:dqDAwl0xPTMiR9JSSxPUKYGdodHX
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2