darkvision | 633b2819b9e2f3a6b913a586bcad536eae3b6ba9bc94661156866abe4a32bd8f | Triage

Sharing

General

Target

STUB.EXE
Size

453KB
Sample

250406-k887dayjs2
MD5

eff9b6cc2c4ffce51424207a9454f1f8
SHA1

e77e4af2276082eced9a908f49de37d7eac0e384
SHA256

633b2819b9e2f3a6b913a586bcad536eae3b6ba9bc94661156866abe4a32bd8f
SHA512

2e93e7d1ec50bad99050dbc4b629c50d489739a932ccc79ce6f93e61432acc076507e18973a5f71cc4ba981da9c490619467a50fe6cb7c0d31a3be28e173b990
SSDEEP

6144:+MdVKz+LuaBM4/1qrbbYTsHYU6Aez8HVWIZnh:LLXqrH+R+T

Score

10^/10

darkvision

Malware Config

Targets

- Target
  
  STUB.EXE
- Size
  
  453KB
- MD5
  
  eff9b6cc2c4ffce51424207a9454f1f8
- SHA1
  
  e77e4af2276082eced9a908f49de37d7eac0e384
- SHA256
  
  633b2819b9e2f3a6b913a586bcad536eae3b6ba9bc94661156866abe4a32bd8f
- SHA512
  
  2e93e7d1ec50bad99050dbc4b629c50d489739a932ccc79ce6f93e61432acc076507e18973a5f71cc4ba981da9c490619467a50fe6cb7c0d31a3be28e173b990
- SSDEEP
  
  6144:+MdVKz+LuaBM4/1qrbbYTsHYU6Aez8HVWIZnh:LLXqrH+R+T
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1