d3b0c592c0e96bf445412e4ca27584eeebf2b7d9b2d77753a1a3de7baf92b67c | Triage

Sharing

General

Target

d3b0c592c0e96bf445412e4ca27584eeebf2b7d9b2d77753a1a3de7baf92b67c
Size

16.1MB
Sample

220922-jcbqkaebgm
MD5

03c9fa663f7e2cd760521d6f10073a52
SHA1

ef444302c600a32c282a1ac2ce075003f83daf37
SHA256

d3b0c592c0e96bf445412e4ca27584eeebf2b7d9b2d77753a1a3de7baf92b67c
SHA512

fe46628b4fb54fce44e24e65e3a48563d466954bce1fd6fab6848d2c097b0824414204fcf2f8de3bcf3456d7c01a26451f3630450ab4d9c98c6ebdd3af07171c
SSDEEP

393216:lGJvKCd6CDdOp2y7EndImLuxUV6eofASfqykfDpjAClPjkdPy37H:kvKCu7IdImLuGV6LfA7/JjsPyr

Score

8^/10

Malware Config

Targets

- Target
  
  d3b0c592c0e96bf445412e4ca27584eeebf2b7d9b2d77753a1a3de7baf92b67c
- Size
  
  16.1MB
- MD5
  
  03c9fa663f7e2cd760521d6f10073a52
- SHA1
  
  ef444302c600a32c282a1ac2ce075003f83daf37
- SHA256
  
  d3b0c592c0e96bf445412e4ca27584eeebf2b7d9b2d77753a1a3de7baf92b67c
- SHA512
  
  fe46628b4fb54fce44e24e65e3a48563d466954bce1fd6fab6848d2c097b0824414204fcf2f8de3bcf3456d7c01a26451f3630450ab4d9c98c6ebdd3af07171c
- SSDEEP
  
  393216:lGJvKCd6CDdOp2y7EndImLuxUV6eofASfqykfDpjAClPjkdPy37H:kvKCu7IdImLuGV6LfA7/JjsPyr
Score

8^/10
- Downloads MZ/PE file
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2