b2aae5ebb2806b4cabf0942deda8ac8830565f2d351c919cb57e765a3d343a9f | Triage

Sharing

General

Target

b2aae5ebb2806b4cabf0942deda8ac8830565f2d351c919cb57e765a3d343a9f.exe
Size

20KB
Sample

241119-qpfcva1ner
MD5

498cb976e2e2d5db234c000ae6271914
SHA1

c21327bf0557e175f928dce1adb13ad915dbca72
SHA256

b2aae5ebb2806b4cabf0942deda8ac8830565f2d351c919cb57e765a3d343a9f
SHA512

09afcf45f18aa9da67e2a1edc94365087db63047f1b44123fb9001cd65fb1e42fed6bceafba170318b33a37f13b34c54ac17d9781de849657c08aa6f26701bb5
SSDEEP

384:9te/tfF1NNK0QA27q0YCeDad8uWXrgM3hBpkuKYCOMqLxgH5NkNU/O7r:y5nNMxT3nd83TBjKtOMMxIN+0O7r

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b2aae5ebb2806b4cabf0942deda8ac8830565f2d351c919cb57e765a3d343a9f.exe
- Size
  
  20KB
- MD5
  
  498cb976e2e2d5db234c000ae6271914
- SHA1
  
  c21327bf0557e175f928dce1adb13ad915dbca72
- SHA256
  
  b2aae5ebb2806b4cabf0942deda8ac8830565f2d351c919cb57e765a3d343a9f
- SHA512
  
  09afcf45f18aa9da67e2a1edc94365087db63047f1b44123fb9001cd65fb1e42fed6bceafba170318b33a37f13b34c54ac17d9781de849657c08aa6f26701bb5
- SSDEEP
  
  384:9te/tfF1NNK0QA27q0YCeDad8uWXrgM3hBpkuKYCOMqLxgH5NkNU/O7r:y5nNMxT3nd83TBjKtOMMxIN+0O7r
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2