d26ba241efcc32a6d24e36689d6e8b8e20652c5ac1313d0db701fbe0c2670633 | Triage

Sharing

General

Target

d26ba241efcc32a6d24e36689d6e8b8e20652c5ac1313d0db701fbe0c2670633
Size

49KB
Sample

241121-krnt4szret
MD5

90b3f18920ad7bae72808a518a81df2a
SHA1

74352691b7761e137f9443e1e37a92297f082174
SHA256

d26ba241efcc32a6d24e36689d6e8b8e20652c5ac1313d0db701fbe0c2670633
SHA512

185ca5ed666d408e3cd0708115b0964b4bdb158fec16a2afb728798598c3e826f257f67aa445d3d064b3a1785f234847d43de1c29a83d88aaec877e98191a368
SSDEEP

768:P6LsoVEeegiZPvEhHSP+gp/QtOOtEvwDpjBBMLZdzuqpXsiE8Wq/Dpkcs:P6Q0ElP6G+gJQMOtEvwDpjB8WMlfs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d26ba241efcc32a6d24e36689d6e8b8e20652c5ac1313d0db701fbe0c2670633
- Size
  
  49KB
- MD5
  
  90b3f18920ad7bae72808a518a81df2a
- SHA1
  
  74352691b7761e137f9443e1e37a92297f082174
- SHA256
  
  d26ba241efcc32a6d24e36689d6e8b8e20652c5ac1313d0db701fbe0c2670633
- SHA512
  
  185ca5ed666d408e3cd0708115b0964b4bdb158fec16a2afb728798598c3e826f257f67aa445d3d064b3a1785f234847d43de1c29a83d88aaec877e98191a368
- SSDEEP
  
  768:P6LsoVEeegiZPvEhHSP+gp/QtOOtEvwDpjBBMLZdzuqpXsiE8Wq/Dpkcs:P6Q0ElP6G+gJQMOtEvwDpjB8WMlfs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2