3ad57c5d41a71945e5c66c31cdbe70d592b6da8a8add70c618653db73ede2614 | Triage

Sharing

General

Target

3ad57c5d41a71945e5c66c31cdbe70d592b6da8a8add70c618653db73ede2614.msi
Size

1.4MB
Sample

220711-1qfecafff2
MD5

891860064f823c696324cb157cdc88d6
SHA1

2b06e040f94533625dc9393e80c325e9b1e100d4
SHA256

3ad57c5d41a71945e5c66c31cdbe70d592b6da8a8add70c618653db73ede2614
SHA512

45bc1816207305de36c580867046adaac78817bf2c45bfc31e5fa6d6ed6e0e5a885db56bad73d4e25dc7f015452e3ef1365f34caae66f26794e253a46ac67de1

Score

8^/10

Malware Config

Targets

- Target
  
  3ad57c5d41a71945e5c66c31cdbe70d592b6da8a8add70c618653db73ede2614.msi
- Size
  
  1.4MB
- MD5
  
  891860064f823c696324cb157cdc88d6
- SHA1
  
  2b06e040f94533625dc9393e80c325e9b1e100d4
- SHA256
  
  3ad57c5d41a71945e5c66c31cdbe70d592b6da8a8add70c618653db73ede2614
- SHA512
  
  45bc1816207305de36c580867046adaac78817bf2c45bfc31e5fa6d6ed6e0e5a885db56bad73d4e25dc7f015452e3ef1365f34caae66f26794e253a46ac67de1
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2