f21c9097e0764b0e2a96d72a1cc753b68c055e2b8f7db05a2bbc22c3b23e8f74 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bw.exe
Size

96.4MB
Sample

241012-q9g26stfkb
MD5

f8aaaabcb6eded0022fc0f2c64786b64
SHA1

a3f61f93e9cd5872b493000f1e7aca0501852841
SHA256

f21c9097e0764b0e2a96d72a1cc753b68c055e2b8f7db05a2bbc22c3b23e8f74
SHA512

d552dba26af5622eefa919215ece752d78f939353d9aafa3c956230a4296ec2e619261dd20f80f32e4319ba6ae5298989e8b31c02c49bf0bd08c06c046c28966
SSDEEP

393216:PyT3YGojrsBEnP4XrqSFM+FcrONRtgZJ93AEMQu58EISEhoIaE2FShMzTVA+BDEW:PWeBZ6QxhUDE5YO26rsxc/zAnSSkRw5

Score

7^/10

Malware Config

Targets

- Target
  
  bw.exe
- Size
  
  96.4MB
- MD5
  
  f8aaaabcb6eded0022fc0f2c64786b64
- SHA1
  
  a3f61f93e9cd5872b493000f1e7aca0501852841
- SHA256
  
  f21c9097e0764b0e2a96d72a1cc753b68c055e2b8f7db05a2bbc22c3b23e8f74
- SHA512
  
  d552dba26af5622eefa919215ece752d78f939353d9aafa3c956230a4296ec2e619261dd20f80f32e4319ba6ae5298989e8b31c02c49bf0bd08c06c046c28966
- SSDEEP
  
  393216:PyT3YGojrsBEnP4XrqSFM+FcrONRtgZJ93AEMQu58EISEhoIaE2FShMzTVA+BDEW:PWeBZ6QxhUDE5YO26rsxc/zAnSSkRw5
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2