22d6faa466fc1e73e76f9636e2c5963aab0e3310099f8bea56e44e3452220814 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22d6faa466fc1e73e76f9636e2c5963aab0e3310099f8bea56e44e3452220814
Size

175KB
Sample

220919-lmwvlaaha8
MD5

35f0144da8a41c5848302883d70cd2d0
SHA1

9502fbc671b847b7e2719aa56a337fb189ddec8a
SHA256

22d6faa466fc1e73e76f9636e2c5963aab0e3310099f8bea56e44e3452220814
SHA512

796a6b57bfa424a902da937864daf0deb0cac51c83d86ba9aa557e24da0e800ba7e9e8cf8c409b9f075d91f3f39c403df8fbe2534d281abed4d8c940c84ffcb7
SSDEEP

3072:UYP2XerzhOUxu/XUtauUpFwx99/8MRgKRDQuTq8W4tQnBrkJdQ+CIZFdib:Uu2urzh9xu/XkauUpFof/8wDztWKQnO+

Score

8^/10

Malware Config

Targets

- Target
  
  22d6faa466fc1e73e76f9636e2c5963aab0e3310099f8bea56e44e3452220814
- Size
  
  175KB
- MD5
  
  35f0144da8a41c5848302883d70cd2d0
- SHA1
  
  9502fbc671b847b7e2719aa56a337fb189ddec8a
- SHA256
  
  22d6faa466fc1e73e76f9636e2c5963aab0e3310099f8bea56e44e3452220814
- SHA512
  
  796a6b57bfa424a902da937864daf0deb0cac51c83d86ba9aa557e24da0e800ba7e9e8cf8c409b9f075d91f3f39c403df8fbe2534d281abed4d8c940c84ffcb7
- SSDEEP
  
  3072:UYP2XerzhOUxu/XUtauUpFwx99/8MRgKRDQuTq8W4tQnBrkJdQ+CIZFdib:Uu2urzh9xu/XkauUpFof/8wDztWKQnO+
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2