290d6fd2303d63a5003ea57417de08b4bb2183ee0476adcedb8775b6801e5605 | Triage

Sharing

General

Target

290d6fd2303d63a5003ea57417de08b4bb2183ee0476adcedb8775b6801e5605
Size

118KB
Sample

220919-knzgfaghe7
MD5

0ef75bb88552494a76537f4924861b19
SHA1

2689c22a965e343aaab021be132ea89924d8f61e
SHA256

290d6fd2303d63a5003ea57417de08b4bb2183ee0476adcedb8775b6801e5605
SHA512

b21052867e99e0dc70bc06fc193ad8c8511c0b42f1a34381ed9f6abb42dcc70e0611ae3f0f109f660547c43dd2ca8336463331be2f616a2fa695b4340a08fde8
SSDEEP

3072:Ln2xwJQ7c8S7Y8drUAxA79WUUZs1BQkVOYy6CrU688RS:LSI8AY6rUIA79UzX64VS

Score

8^/10

Malware Config

Targets

- Target
  
  290d6fd2303d63a5003ea57417de08b4bb2183ee0476adcedb8775b6801e5605
- Size
  
  118KB
- MD5
  
  0ef75bb88552494a76537f4924861b19
- SHA1
  
  2689c22a965e343aaab021be132ea89924d8f61e
- SHA256
  
  290d6fd2303d63a5003ea57417de08b4bb2183ee0476adcedb8775b6801e5605
- SHA512
  
  b21052867e99e0dc70bc06fc193ad8c8511c0b42f1a34381ed9f6abb42dcc70e0611ae3f0f109f660547c43dd2ca8336463331be2f616a2fa695b4340a08fde8
- SSDEEP
  
  3072:Ln2xwJQ7c8S7Y8drUAxA79WUUZs1BQkVOYy6CrU688RS:LSI8AY6rUIA79UzX64VS
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2