c5c330b341abd7f009f16b6187a71c9a2e98480e50498f78bb03003f48603848 | Triage

Sharing

General

Target

c5c330b341abd7f009f16b6187a71c9a2e98480e50498f78bb03003f48603848
Size

1.3MB
Sample

220922-j99zmaafg2
MD5

7ef0594d8fcedc2800b2d40bc98c2301
SHA1

809c8a1a3d5f047624cce62a966ce3ccb2052d97
SHA256

c5c330b341abd7f009f16b6187a71c9a2e98480e50498f78bb03003f48603848
SHA512

4a18e5771c836299f8a07f0b243bcdf36a2d4ad5269fe3fa39fb19c0d455627d7c6e0bd21feb5ca1a88b0c4fa8c9128a374c2ede96a788bbcbd2839042236cba
SSDEEP

24576:r793eQtxNLxCRR7WhTyfSF9Rjk9A/nxWdoCt/6aWJnbPZ6V7Yx2LlDRT:r71btgz6hTyfyrw9UQoXa4PZ6Vcx2RDp

Score

8^/10

Malware Config

Targets

- Target
  
  c5c330b341abd7f009f16b6187a71c9a2e98480e50498f78bb03003f48603848
- Size
  
  1.3MB
- MD5
  
  7ef0594d8fcedc2800b2d40bc98c2301
- SHA1
  
  809c8a1a3d5f047624cce62a966ce3ccb2052d97
- SHA256
  
  c5c330b341abd7f009f16b6187a71c9a2e98480e50498f78bb03003f48603848
- SHA512
  
  4a18e5771c836299f8a07f0b243bcdf36a2d4ad5269fe3fa39fb19c0d455627d7c6e0bd21feb5ca1a88b0c4fa8c9128a374c2ede96a788bbcbd2839042236cba
- SSDEEP
  
  24576:r793eQtxNLxCRR7WhTyfSF9Rjk9A/nxWdoCt/6aWJnbPZ6V7Yx2LlDRT:r71btgz6hTyfyrw9UQoXa4PZ6Vcx2RDp
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2