7982a8dd7cbafc7dc7bb0987276aa883c347ff496d9dfb5ec0852bc49d03b8bc | Triage

Sharing

General

Target

5xxxx.zip
Size

385.6MB
Sample

241006-naplvs1bpp
MD5

ef3e4d0519646e999bc294081acd66a8
SHA1

72d013d994993ab932986ab76bfcb51d2597d2b1
SHA256

7982a8dd7cbafc7dc7bb0987276aa883c347ff496d9dfb5ec0852bc49d03b8bc
SHA512

4a4fdc21c97260512be146305a3c40cc308313295f0f2f607c7743cf27d25aaca35d32e201b578cc69b6534f3bd8333f1e6baa6439b4129b4f7031b79f4c69ba
SSDEEP

6291456:8N6IBVuL2m+nq4lIB/tuUNuCosrLxUYkDpE2kigo9848PXOn6p0vdKFZTFdQBR:u3P/3l/eucLxURE2hnn6p0lcZTP8

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  1.exe
- Size
  
  76.6MB
- MD5
  
  3349f183031e408184911fa550771202
- SHA1
  
  b59a234cfeadc20d8e1d9fe8c6c08e518cdb9599
- SHA256
  
  ac68264aa576605b946549045c022233fce1f76dda231ba5154e7090f7ac826d
- SHA512
  
  0311913b18e2efd0c24e65368a635309ef22cdb38fb73feeef7a200c226b26a6c331289b0e6a8c93cceac7825bf82681a98e7ec8ef7312809cebbbd9a8fa0805
- SSDEEP
  
  1572864:e5A5A5A5A5A5A58BbWABbWABbWABbWABbWABbWc5A5A5A5IcjHxln8FRFePNxQN:e5A5A5A5A5A5A585Z5Z5Z5Z5Z5p5A5Ap
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  2.exe
- Size
  
  76.4MB
- MD5
  
  86cf5d2cab3f8464e27c418a51da8f3e
- SHA1
  
  3f63c9a67879c669ad4fd445c4cdb0a349150864
- SHA256
  
  90893fccb8931dab642099386133d9308fcb20248414508357b07610180121e1
- SHA512
  
  2b8453cdcde7bef68ce4c01fef25f3215cd881c6366bcc7e44b263f155f1a4813d729d2ed792c3180e6af18b6654c93324b437d7f7328fd3588309b52563171a
- SSDEEP
  
  1572864:wwKKKKKKdamamamamamaFKKKzerFmDB7uENQecB01mQO2:w6dddddnWFmhQe82
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  Setup.exe
- Size
  
  104.3MB
- MD5
  
  7fa83fe4857eaaf6fc6db9297c844038
- SHA1
  
  2a327cb8fbfd1273c18947817899dd98affe0051
- SHA256
  
  933ade515e0f2d50619c89a7db18a898e6029448437ce72d6306fe67e269b507
- SHA512
  
  b61ecf63897e0fb48d1a732cd4bb5537d3e6f6ada31a6011c12ffe1516cadc68a4e1cf1f806c735d127282ca2528b9b373976ddb0baefacdfcad4163f00f6db0
- SSDEEP
  
  1572864:0X+S+V9LyN0C1qh6maqmmRoF+dnQ6dkkGFinQ6dkkGFinQYPcAtjTDhlHYxZGf8A:0X+p3uN0CaFlQ9FiQ9FiQYEAlHQZGf8A
Score

7^/10

discovery
- Loads dropped DLL
behavioral5 behavioral6
- Target
  
  _中文版_TG_telegrnai_win_dows_ios_X_64.exe
- Size
  
  98.8MB
- MD5
  
  58decf192ba1ebd76fa3fe155fa05ea2
- SHA1
  
  8285e9fbfe9615f46051a270336693d2ad996ee1
- SHA256
  
  669db5bbaf621c8db4bda2973be525b8f2b61fe3345a7f80782dba3477361151
- SHA512
  
  1a1413c9c676b86991490a95779154af2763300e0ac09206479b6302f21088279bcb7228a93c2a9ca8f6108e57d7cdc17d11da6700fe8eb2a4173ca9f93ffb78
- SSDEEP
  
  3145728:6kidNrhao4YlScXFOC9+NbbuPfsArtK4eRKQBDKPFz4m9enGr:6kWnao4wtFf9TXXtZ8K8GPFsSeQ
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral7 behavioral8
- Target
  
  potato_latestx64.exe
- Size
  
  36.6MB
- MD5
  
  32de33fa29f59bbf9eed061a8206c068
- SHA1
  
  39f650ba2f5df46efc1a5c4603b94e0cde41dab5
- SHA256
  
  0b6bcbd6fa84ee15a2d6752377d74acd3d2b27a784381199252d48d0535bcc0e
- SHA512
  
  3645c05e4762cae51d58b5744db2da38690ee3559029f67c87500592572acd73a8e30383b39fdb4fb931a7c06cf7ab7292657217d6a0fb0c45fa4704b7444373
- SSDEEP
  
  786432:QxOtk8Nf+CPCKjEYh/FxVymMqTAS/Hqdpxq9327MpOuzfzpgg4nocFEnvY:QxOtJNHCKjEYhonpxq9m7MpOYzpxXcFB
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10