75e35e879da51d8026da7a766ee1472df2a135ad45c8ddb01e4d83f9c8551105 | Triage

Sharing

General

Target

75e35e879da51d8026da7a766ee1472df2a135ad45c8ddb01e4d83f9c8551105
Size

272KB
Sample

220919-n8a65abgck
MD5

28d9838a6583d19e9bcd38a60aeb52c5
SHA1

e5f6bd53821a171ce6116f9d812bc9ceac890b94
SHA256

75e35e879da51d8026da7a766ee1472df2a135ad45c8ddb01e4d83f9c8551105
SHA512

792a38ccdc04ea1cb5b5c8dbebc4a1f573c46103b13a3e8ac45e4bebdecdb4ac2353ffe0942db5453111e47ad28207afd55bc06835c32ffafb200fe96b4609e5
SSDEEP

6144:EcWMJJhqryYP/daqlzV4GA3Fkk7rzPDCykQSt4lHl+BKg5lJXa6m:EczJJhqrVPldVzA3FB7fPDCykjC3+Ugy

Score

8^/10

Malware Config

Targets

- Target
  
  75e35e879da51d8026da7a766ee1472df2a135ad45c8ddb01e4d83f9c8551105
- Size
  
  272KB
- MD5
  
  28d9838a6583d19e9bcd38a60aeb52c5
- SHA1
  
  e5f6bd53821a171ce6116f9d812bc9ceac890b94
- SHA256
  
  75e35e879da51d8026da7a766ee1472df2a135ad45c8ddb01e4d83f9c8551105
- SHA512
  
  792a38ccdc04ea1cb5b5c8dbebc4a1f573c46103b13a3e8ac45e4bebdecdb4ac2353ffe0942db5453111e47ad28207afd55bc06835c32ffafb200fe96b4609e5
- SSDEEP
  
  6144:EcWMJJhqryYP/daqlzV4GA3Fkk7rzPDCykQSt4lHl+BKg5lJXa6m:EczJJhqrVPldVzA3FB7fPDCykjC3+Ugy
Score

8^/10
- Drops file in Drivers directory
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2