27cdc7a67e361253a53acd2bbc2590c39900d172c4f5d748f6e374a64351e799 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27cdc7a67e361253a53acd2bbc2590c39900d172c4f5d748f6e374a64351e799
Size

345KB
Sample

220919-d1dxyaecf4
MD5

1c15d63240a2028c17e9a11e6925abc9
SHA1

bb854bb964cc6fc7f59699e3f682d1d08a69f047
SHA256

27cdc7a67e361253a53acd2bbc2590c39900d172c4f5d748f6e374a64351e799
SHA512

7731801f2e626520d905c1146c2e28bcc208155e81101de3e4545258161ab6c87410fd207e20c9bad8b52990ad5632835d5ffc81e5fed4f827509bcd83605aa0
SSDEEP

6144:1G5k6n9Flbx3esxScA/RIIIIiIsjlBSAI5hIY4Z7+jZE:2VFlbx3esxScA/RIIIIiI8I5hIY4Z7+y

Score

8^/10

Malware Config

Targets

- Target
  
  27cdc7a67e361253a53acd2bbc2590c39900d172c4f5d748f6e374a64351e799
- Size
  
  345KB
- MD5
  
  1c15d63240a2028c17e9a11e6925abc9
- SHA1
  
  bb854bb964cc6fc7f59699e3f682d1d08a69f047
- SHA256
  
  27cdc7a67e361253a53acd2bbc2590c39900d172c4f5d748f6e374a64351e799
- SHA512
  
  7731801f2e626520d905c1146c2e28bcc208155e81101de3e4545258161ab6c87410fd207e20c9bad8b52990ad5632835d5ffc81e5fed4f827509bcd83605aa0
- SSDEEP
  
  6144:1G5k6n9Flbx3esxScA/RIIIIiIsjlBSAI5hIY4Z7+jZE:2VFlbx3esxScA/RIIIIiI8I5hIY4Z7+y
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2