475c4419194ec4edc78db7a0ef5f309ede6762d1d94b459042e3e02225164c6e | Triage

Sharing

General

Target

475c4419194ec4edc78db7a0ef5f309ede6762d1d94b459042e3e02225164c6e
Size

163KB
Sample

241008-zxhbvazgqa
MD5

1d0f537187e0395b75056a1acc89511e
SHA1

e93de9495a1fc3b985d28dc09b7f8b2dfae11677
SHA256

475c4419194ec4edc78db7a0ef5f309ede6762d1d94b459042e3e02225164c6e
SHA512

11bba85f7aeb8ced5972789b7d29861580e1268fc50ec032c92c5fa92fe0164a8b5aba6df675927015a5889f5294f91b64fed7d187dca22218e367389830d467
SSDEEP

3072:S4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez43:JiI/PlY37ZLF4Ca6WABqBOvs3

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  475c4419194ec4edc78db7a0ef5f309ede6762d1d94b459042e3e02225164c6e
- Size
  
  163KB
- MD5
  
  1d0f537187e0395b75056a1acc89511e
- SHA1
  
  e93de9495a1fc3b985d28dc09b7f8b2dfae11677
- SHA256
  
  475c4419194ec4edc78db7a0ef5f309ede6762d1d94b459042e3e02225164c6e
- SHA512
  
  11bba85f7aeb8ced5972789b7d29861580e1268fc50ec032c92c5fa92fe0164a8b5aba6df675927015a5889f5294f91b64fed7d187dca22218e367389830d467
- SSDEEP
  
  3072:S4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez43:JiI/PlY37ZLF4Ca6WABqBOvs3
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2