04bf6e981fc332c25aa893a7f071f3974f58292cb334570a558764f9f097967e | Triage

Resubmissions

14/10/2024, 11:51

241014-nz677sygql 7

14/10/2024, 11:44

241014-nv7yyayfrq 7

Sharing

Copy URL Twitter E-mail

General

Target

Chara.zip
Size

1.3MB
Sample

241014-nv7yyayfrq
MD5

d10d5089fc2c60684696d9976941f948
SHA1

0e12a848bacf5b3c0b52e590c926d6b58ac4a644
SHA256

04bf6e981fc332c25aa893a7f071f3974f58292cb334570a558764f9f097967e
SHA512

feb44df6b9908bd8e5bdf48939ef75a544e34e9dc8ea3697720dddb6ef6ac7b5e71c1c489d1fd633e8cd1aab981af884e67b81ef08e5cefcd7acfeeafef40997
SSDEEP

24576:e+/uMrftiEjbOMd6vkWx9QIIxUouUegzT/N+jkGGjpmPJcT:e+/uIYEfd68WcIIxLXgjtBcT

Score

7^/10

execution link qr

Malware Config

Targets

- Target
  
  Chara/Run.bat
- Size
  
  55B
- MD5
  
  953afedf73e9fd5cbd5dbcd0920aba23
- SHA1
  
  b5b55fc17f8f6ab01a13e07fd9a5d9565660ac86
- SHA256
  
  ec96730cd5760f76624c76d0c318095c8baebf131a457ce0e7f06169e01bc8d8
- SHA512
  
  56f17fe591313dbd4d97a360b6f0c824e841270c6c456475ebe45f5a307dfc4b5bc6b3c4f1e9696ed2dff525586debc6cf0e95a86d755ab25fd83cdd6f32c421
Score

7^/10

execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2