af3da9d88dade113d0ecc93b1a79c6db6e33ddf2ef2130ce64eaf7b32385abb6 | Triage

Sharing

General

Target

af3da9d88dade113d0ecc93b1a79c6db6e33ddf2ef2130ce64eaf7b32385abb6.exe
Size

16KB
Sample

241121-ghlrlstnbj
MD5

a2615f7e4767c5cc075dd16a0d72fa7c
SHA1

eaca1d625ccbc9e4d13baa551d207ddd09d7753a
SHA256

af3da9d88dade113d0ecc93b1a79c6db6e33ddf2ef2130ce64eaf7b32385abb6
SHA512

d5b3a48b09888480d0a8f9539c4d72c7844d14052c181dccb1812e9f8b889c8ba6ceeb4996a1cdaca11fae10ec752f937b46b1cf668d7dd6cd0fa096a56726c7
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yh3V:hDXWipuE+K3/SSHgx/

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  af3da9d88dade113d0ecc93b1a79c6db6e33ddf2ef2130ce64eaf7b32385abb6.exe
- Size
  
  16KB
- MD5
  
  a2615f7e4767c5cc075dd16a0d72fa7c
- SHA1
  
  eaca1d625ccbc9e4d13baa551d207ddd09d7753a
- SHA256
  
  af3da9d88dade113d0ecc93b1a79c6db6e33ddf2ef2130ce64eaf7b32385abb6
- SHA512
  
  d5b3a48b09888480d0a8f9539c4d72c7844d14052c181dccb1812e9f8b889c8ba6ceeb4996a1cdaca11fae10ec752f937b46b1cf668d7dd6cd0fa096a56726c7
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yh3V:hDXWipuE+K3/SSHgx/
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2