98cfcd33db1fd838f6dbaa818a3a8a5825a2ad0bf9d7783a7a2d86e54cb5ec79 | Triage

Sharing

General

Target

98cfcd33db1fd838f6dbaa818a3a8a5825a2ad0bf9d7783a7a2d86e54cb5ec79
Size

20KB
Sample

220919-lqe19afagp
MD5

29bdeda415f10921646464768c72c009
SHA1

47a15db8eba3f8dec439f8ec430e869ca4731e04
SHA256

98cfcd33db1fd838f6dbaa818a3a8a5825a2ad0bf9d7783a7a2d86e54cb5ec79
SHA512

418d666dc5f4dd571d713c5494f627620ad1e4ada20b68915872d3e3a5cfbba7e5fbfc74976151c4334c4d27208a9a51440aaf16f635471d3df70cf3c4b8ea6b
SSDEEP

384:DBNHCOqmHMyD6XTHfz0lv30PNApPAyuOgsnR+HLE4GebEmimTHDun:DDiOqZy2XT/QJ0PNer4GegmDfun

Score

8^/10

Malware Config

Targets

- Target
  
  98cfcd33db1fd838f6dbaa818a3a8a5825a2ad0bf9d7783a7a2d86e54cb5ec79
- Size
  
  20KB
- MD5
  
  29bdeda415f10921646464768c72c009
- SHA1
  
  47a15db8eba3f8dec439f8ec430e869ca4731e04
- SHA256
  
  98cfcd33db1fd838f6dbaa818a3a8a5825a2ad0bf9d7783a7a2d86e54cb5ec79
- SHA512
  
  418d666dc5f4dd571d713c5494f627620ad1e4ada20b68915872d3e3a5cfbba7e5fbfc74976151c4334c4d27208a9a51440aaf16f635471d3df70cf3c4b8ea6b
- SSDEEP
  
  384:DBNHCOqmHMyD6XTHfz0lv30PNApPAyuOgsnR+HLE4GebEmimTHDun:DDiOqZy2XT/QJ0PNer4GegmDfun
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2