0c577ab14661a83d7f15ea28d4c057c71ff684685958ab5a1b23bf695c1411a5 | Triage

Sharing

General

Target

0c577ab14661a83d7f15ea28d4c057c71ff684685958ab5a1b23bf695c1411a5.exe
Size

20KB
Sample

241121-nbgyea1qb1
MD5

2036734090a9f223c5bae149caf6bc54
SHA1

6ab13eb3105b7e0b325a1185ab733f8446064d24
SHA256

0c577ab14661a83d7f15ea28d4c057c71ff684685958ab5a1b23bf695c1411a5
SHA512

7e4e3f1182ac39febf8c38509135f43bcedcc747c07884e093f9034ffe7bd3905fc60a51e7f2829e6d78e7d4e35ee81ad6bec61ad5cd006b6fd7a2c557a275b7
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlOQZ:hDXWipuE+K3/SSHgxmlTZ

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0c577ab14661a83d7f15ea28d4c057c71ff684685958ab5a1b23bf695c1411a5.exe
- Size
  
  20KB
- MD5
  
  2036734090a9f223c5bae149caf6bc54
- SHA1
  
  6ab13eb3105b7e0b325a1185ab733f8446064d24
- SHA256
  
  0c577ab14661a83d7f15ea28d4c057c71ff684685958ab5a1b23bf695c1411a5
- SHA512
  
  7e4e3f1182ac39febf8c38509135f43bcedcc747c07884e093f9034ffe7bd3905fc60a51e7f2829e6d78e7d4e35ee81ad6bec61ad5cd006b6fd7a2c557a275b7
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlOQZ:hDXWipuE+K3/SSHgxmlTZ
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2