296a2dc73fa2c47299404da28387ba804803d91621f53c0f7c79e61476e3334d | Triage

Sharing

General

Target

296a2dc73fa2c47299404da28387ba804803d91621f53c0f7c79e61476e3334d.exe
Size

16KB
Sample

241121-mdds4a1mgx
MD5

e5937d893c5daee668134a53bf27d563
SHA1

6a4bebcbf74ff23425571f082d1e239f101e7887
SHA256

296a2dc73fa2c47299404da28387ba804803d91621f53c0f7c79e61476e3334d
SHA512

3639de7b4688bd5b7a8de7940576d2da2a8cf5e82f91031fc95637fbabf3e678755c5c44dd1219faa6bda0bff8a46bc38f1be5e8cc8ec341287001f80ba2a9bc
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx9MG:hDXWipuE+K3/SSHgxmH7MG

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  296a2dc73fa2c47299404da28387ba804803d91621f53c0f7c79e61476e3334d.exe
- Size
  
  16KB
- MD5
  
  e5937d893c5daee668134a53bf27d563
- SHA1
  
  6a4bebcbf74ff23425571f082d1e239f101e7887
- SHA256
  
  296a2dc73fa2c47299404da28387ba804803d91621f53c0f7c79e61476e3334d
- SHA512
  
  3639de7b4688bd5b7a8de7940576d2da2a8cf5e82f91031fc95637fbabf3e678755c5c44dd1219faa6bda0bff8a46bc38f1be5e8cc8ec341287001f80ba2a9bc
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx9MG:hDXWipuE+K3/SSHgxmH7MG
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2