3895d6355398594677b5efb3a82f3fea218bde20c8e0fc2955082c3d5917354d | Triage

Sharing

General

Target

3895d6355398594677b5efb3a82f3fea218bde20c8e0fc2955082c3d5917354d
Size

4.3MB
Sample

220915-ms3qrsgecp
MD5

9e0fc7817fc7b291f14c5b726070f9d1
SHA1

b89af4ef99d4f8dff5597abcfd43c7731d710f94
SHA256

3895d6355398594677b5efb3a82f3fea218bde20c8e0fc2955082c3d5917354d
SHA512

ac9b7b94d7b3857b1ce06ba3084049f5cad8467775b7e359bb2cbecd8222e4e64b154803c663010d269398564f750e68211cd4580661b594eac350ca8920e9fa
SSDEEP

98304:jclPDq5+TGDNLADj2+4RGeg3i71jn92LtEiMyneDrk12/n7aHXZ2:jclPDqoTCiDi+4R43i7pn9utGyj12/OI

Score

8^/10

Malware Config

Targets

- Target
  
  3895d6355398594677b5efb3a82f3fea218bde20c8e0fc2955082c3d5917354d
- Size
  
  4.3MB
- MD5
  
  9e0fc7817fc7b291f14c5b726070f9d1
- SHA1
  
  b89af4ef99d4f8dff5597abcfd43c7731d710f94
- SHA256
  
  3895d6355398594677b5efb3a82f3fea218bde20c8e0fc2955082c3d5917354d
- SHA512
  
  ac9b7b94d7b3857b1ce06ba3084049f5cad8467775b7e359bb2cbecd8222e4e64b154803c663010d269398564f750e68211cd4580661b594eac350ca8920e9fa
- SSDEEP
  
  98304:jclPDq5+TGDNLADj2+4RGeg3i71jn92LtEiMyneDrk12/n7aHXZ2:jclPDqoTCiDi+4R43i7pn9utGyj12/OI
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2