9429dc591ce2395840b822a4fbce5764740298c540eecf199fbc99c65bf245f6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9429dc591ce2395840b822a4fbce5764740298c540eecf199fbc99c65bf245f6
Size

2.0MB
Sample

220919-p22k6shec6
MD5

6ba38313b3e00df661ee3d2c2b308f0d
SHA1

67a988a479da2fc240e03c3b4579390041167ba8
SHA256

9429dc591ce2395840b822a4fbce5764740298c540eecf199fbc99c65bf245f6
SHA512

a6d0c12ba6e48256e5090f3f8dc29ada93104089007ff60125b2fe139b5eee306e5789228d6bf45f07f78f7ca5b18c072ce946beb3e2d4df9caf39eb71da06a0
SSDEEP

49152:FB5Mo/lz9RFkIkx6cT6Uf0DBswEWlwzHQUGyO:FfMAlxbY6ce5DBAiw0UGyO

Score

8^/10

Malware Config

Targets

- Target
  
  9429dc591ce2395840b822a4fbce5764740298c540eecf199fbc99c65bf245f6
- Size
  
  2.0MB
- MD5
  
  6ba38313b3e00df661ee3d2c2b308f0d
- SHA1
  
  67a988a479da2fc240e03c3b4579390041167ba8
- SHA256
  
  9429dc591ce2395840b822a4fbce5764740298c540eecf199fbc99c65bf245f6
- SHA512
  
  a6d0c12ba6e48256e5090f3f8dc29ada93104089007ff60125b2fe139b5eee306e5789228d6bf45f07f78f7ca5b18c072ce946beb3e2d4df9caf39eb71da06a0
- SSDEEP
  
  49152:FB5Mo/lz9RFkIkx6cT6Uf0DBswEWlwzHQUGyO:FfMAlxbY6ce5DBAiw0UGyO
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2