29924056509a45a317a73a8f0a159adcc4e54bbaaa65bfa22f8784f6624e760e | Triage

Sharing

General

Target

VC_redist.x64.exe
Size

2.3MB
Sample

241119-rh4brs1rcr
MD5

48be7a57e95d308da6ff7b79b0178fb9
SHA1

4ef61e15a781afb3ca5eaae5035e119da12447f7
SHA256

29924056509a45a317a73a8f0a159adcc4e54bbaaa65bfa22f8784f6624e760e
SHA512

af59750be6497d17a405bb16dc26a512e2b54f23400b4443a20a5f519ff623471958369af1362e3bded40ff01f931864b0c472432734a918b35f7c980f42e822
SSDEEP

49152:QsvkKUpLvYJeynbjSAjoqfD68lFj99uLvyNL779IqPt4icrXfvKzwBNKOxF2zmQ:QsM/LvYJeynbbv68x9uLviTqHrXqzwBs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  VC_redist.x64.exe
- Size
  
  2.3MB
- MD5
  
  48be7a57e95d308da6ff7b79b0178fb9
- SHA1
  
  4ef61e15a781afb3ca5eaae5035e119da12447f7
- SHA256
  
  29924056509a45a317a73a8f0a159adcc4e54bbaaa65bfa22f8784f6624e760e
- SHA512
  
  af59750be6497d17a405bb16dc26a512e2b54f23400b4443a20a5f519ff623471958369af1362e3bded40ff01f931864b0c472432734a918b35f7c980f42e822
- SSDEEP
  
  49152:QsvkKUpLvYJeynbjSAjoqfD68lFj99uLvyNL779IqPt4icrXfvKzwBNKOxF2zmQ:QsM/LvYJeynbbv68x9uLviTqHrXqzwBs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2