cb6f4fa8f278f1b1089d848ca9e66979e3ce01b75c3fc879dc6e917a0d5cfc4e | Triage

Sharing

General

Target

Debug.rar
Size

1.9MB
Sample

241006-n355baseln
MD5

e063dd2cfad14dc4c00544d58fdc46ae
SHA1

239a736f74b01c5f098743a0c04f9ea8251b4f7f
SHA256

cb6f4fa8f278f1b1089d848ca9e66979e3ce01b75c3fc879dc6e917a0d5cfc4e
SHA512

319982e10b35e0ce78a605149c4c7b5018c83e1e6ba70ebdc904fa9c4334105a876d7a9b8e533cb7edae33eb2a4ab88d3a8873b4b8a84cc5b6f851e9b938c42c
SSDEEP

49152:7wYSIRzOcHCGUT/A+ylGsJ61SptI+TjuFjgu7k/AWA7BHpVZ:7wMhUU+ylRzvvyjNSAWaBJVZ

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  Debug/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  c97f23b52087cfa97985f784ea83498f
- SHA1
  
  d364618bec9cd6f8f5d4c24d3cc0f4c1a8e06b89
- SHA256
  
  e658e8a5616245dbe655e194b59f1bb704aaeafbd0925d6eebbe70555a638cdd
- SHA512
  
  ecfa83596f99afde9758d1142ff8b510a090cba6f42ba6fda8ca5e0520b658943ad85829a07bf17411e26e58432b74f05356f7eaeb3949a8834faa5de1a4f512
- SSDEEP
  
  49152:cvrqKk8q2gqi2OXCt6kuSw9g8PTNTN/23uxjPHEiCAjFcm:cvrqZr
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1
- Target
  
  Debug/Newtonsoft.Json.dll
- Size
  
  695KB
- MD5
  
  195ffb7167db3219b217c4fd439eedd6
- SHA1
  
  1e76e6099570ede620b76ed47cf8d03a936d49f8
- SHA256
  
  e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d
- SHA512
  
  56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac
- SSDEEP
  
  12288:GBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTUO:GBjk38WuBcAbwoA/BkjSHXP36RMG/
Score

1^/10
behavioral2
- Target
  
  Debug/Siticone.UI.dll
- Size
  
  1.3MB
- MD5
  
  750c58af2e56b6addecffcf152520ab8
- SHA1
  
  14995e7f1d12498606d9d209d78d55fe6fd87802
- SHA256
  
  27c56a28cbde094157206da1bfcd7a395111ab97b8a5ff600b11c2175dcefb26
- SHA512
  
  2179790e23f61b3dfea828457f8609279c70b1e071cddc73b1dbda02caa664e0aae2553fc24a4956f9e89c477d66b1a704bde26fa23bc6db26c19e18db00abb5
- SSDEEP
  
  24576:QVMCtIZJntOFmMlMqPilaiS4Yr6ugPngPfjv9tLF2cH8gb:u8NlaVeuHFb
Score

1^/10
behavioral3
- Target
  
  Debug/randomimgooey.exe
- Size
  
  628KB
- MD5
  
  696e624ba6409163bbb26a60aceed608
- SHA1
  
  9240eb4d53df335d534e6dbec7016cc439415f88
- SHA256
  
  a317209c1db75938b05c69ff70d8098c763e19dcb68bf9dbf7094124a0683b08
- SHA512
  
  c87f7b80edcc19aed52e7e90ee7edc24241d76a7dc63b9b14f11d9a067aafd9fedc98dffac84d8370ef6aef82f01e14732878ecd6abf446d23b4f1194e484e9c
- SSDEEP
  
  12288:Whv9+c4HNi4kFLXJa83cH0/XxtXJpGU0jMqWLynqq5+MN+L:WiHlMLi0/Xv+9g+51+
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4