d6b1942ae351c4aa9a324b636228c5cc6623102b2651ccd65daafdc792a3284a | Triage

Sharing

General

Target

d6b1942ae351c4aa9a324b636228c5cc6623102b2651ccd65daafdc792a3284a.exe
Size

208KB
Sample

241119-sp9ykaybrl
MD5

dc1df38e26eca38e38b6fcb0d7bd6901
SHA1

c7fc2d4102d8e70f05c82762f324b23e5f84d7a3
SHA256

d6b1942ae351c4aa9a324b636228c5cc6623102b2651ccd65daafdc792a3284a
SHA512

376baa0a98b9ef5df8b0633cb9ec35e0a8167bc77f77c25d8e828eadb6d9523af6cc9f7bef1a38aa910857c6ea1debfaea55302e995bc13386c9c17f124cb7e6
SSDEEP

3072:JO+bY++73VQdqPg7WqD+NhGJZstCVH9xGSp+BPq19XAHtUcmzM:MWWzcJZs0d91WPquUcmg

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d6b1942ae351c4aa9a324b636228c5cc6623102b2651ccd65daafdc792a3284a.exe
- Size
  
  208KB
- MD5
  
  dc1df38e26eca38e38b6fcb0d7bd6901
- SHA1
  
  c7fc2d4102d8e70f05c82762f324b23e5f84d7a3
- SHA256
  
  d6b1942ae351c4aa9a324b636228c5cc6623102b2651ccd65daafdc792a3284a
- SHA512
  
  376baa0a98b9ef5df8b0633cb9ec35e0a8167bc77f77c25d8e828eadb6d9523af6cc9f7bef1a38aa910857c6ea1debfaea55302e995bc13386c9c17f124cb7e6
- SSDEEP
  
  3072:JO+bY++73VQdqPg7WqD+NhGJZstCVH9xGSp+BPq19XAHtUcmzM:MWWzcJZs0d91WPquUcmg
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2