d876d33c50fdd899eabed09e915b477bdfb2411bcc8779769f1ddb1607f7b5e7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d876d33c50fdd899eabed09e915b477bdfb2411bcc8779769f1ddb1607f7b5e7N
Size

17KB
Sample

241002-dw7pfsyclc
MD5

8f254a0b0cc05f64c7551b8c6ec0eeb0
SHA1

2b16713ae8e856720618638911c464b1c6f709e2
SHA256

d876d33c50fdd899eabed09e915b477bdfb2411bcc8779769f1ddb1607f7b5e7
SHA512

3c0b43884455ea31025880909256123adaf49c0de0886d4726f8cf9c1ee0ca4d5139d65c3641f894265ea81f9a083335774b2660039c87900bd6b0921c9a4431
SSDEEP

192:xT03k1tH4/7sNjqePGZAQgkYCJJW0TSJoMjC1vuCSPmw3QTebTE/Wj8kqsO3Tpv:fY/7iMmQgVC+02JWuCSPmSQTebw/UqF1

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d876d33c50fdd899eabed09e915b477bdfb2411bcc8779769f1ddb1607f7b5e7N
- Size
  
  17KB
- MD5
  
  8f254a0b0cc05f64c7551b8c6ec0eeb0
- SHA1
  
  2b16713ae8e856720618638911c464b1c6f709e2
- SHA256
  
  d876d33c50fdd899eabed09e915b477bdfb2411bcc8779769f1ddb1607f7b5e7
- SHA512
  
  3c0b43884455ea31025880909256123adaf49c0de0886d4726f8cf9c1ee0ca4d5139d65c3641f894265ea81f9a083335774b2660039c87900bd6b0921c9a4431
- SSDEEP
  
  192:xT03k1tH4/7sNjqePGZAQgkYCJJW0TSJoMjC1vuCSPmw3QTebTE/Wj8kqsO3Tpv:fY/7iMmQgVC+02JWuCSPmSQTebw/UqF1
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2