9672f07998972e5b99344a9e68b8024fa3ac9715195ecf90c74d9dceda72d9a6 | Triage

Sharing

General

Target

9672f07998972e5b99344a9e68b8024fa3ac9715195ecf90c74d9dceda72d9a6
Size

21KB
Sample

220919-y2ynysbdfp
MD5

42813bf853e513b71ba3c057c2fa1e50
SHA1

3df272a1dae28ed1324d36fa09aa0197b2b757b3
SHA256

9672f07998972e5b99344a9e68b8024fa3ac9715195ecf90c74d9dceda72d9a6
SHA512

2fc66ba2ec32afd17e2e82a9d97057078bac45bd7c9f4fae6d3915147e3c22e0982a5fab26db8c64106e42818e4b2210f4b5cc58cf9e8c6f6679dbd22dd6ac8c
SSDEEP

384:36SQ9KaonyYFtYqS7j1c1Nbj+AdSIFRCjn+nAOPxMd1YWVpd72KlJb0aJ:eKzyEtanK1F7d1Qn+nAOcPd71lJbt

Score

8^/10

Malware Config

Targets

- Target
  
  9672f07998972e5b99344a9e68b8024fa3ac9715195ecf90c74d9dceda72d9a6
- Size
  
  21KB
- MD5
  
  42813bf853e513b71ba3c057c2fa1e50
- SHA1
  
  3df272a1dae28ed1324d36fa09aa0197b2b757b3
- SHA256
  
  9672f07998972e5b99344a9e68b8024fa3ac9715195ecf90c74d9dceda72d9a6
- SHA512
  
  2fc66ba2ec32afd17e2e82a9d97057078bac45bd7c9f4fae6d3915147e3c22e0982a5fab26db8c64106e42818e4b2210f4b5cc58cf9e8c6f6679dbd22dd6ac8c
- SSDEEP
  
  384:36SQ9KaonyYFtYqS7j1c1Nbj+AdSIFRCjn+nAOPxMd1YWVpd72KlJb0aJ:eKzyEtanK1F7d1Qn+nAOcPd71lJbt
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2