336e0c431638a77f269759f4bac4bb85011a5746ef88aea448f223357a5a2fd9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

336e0c431638a77f269759f4bac4bb85011a5746ef88aea448f223357a5a2fd9
Size

650KB
Sample

220922-jzm24sechl
MD5

76b4e8fd43ebdde673e0277f36e9c997
SHA1

c4e3e42fc9ca0ca57dbe6ee154c87f283f8f51d7
SHA256

336e0c431638a77f269759f4bac4bb85011a5746ef88aea448f223357a5a2fd9
SHA512

7787d8bb7a756c1053d1f4940298faefc9aadc4172c77eaf548c55346d97919cd210a8823746a81d6e828fa67c459910d29a7dfbb7557e8ab91ea1f2c8d51790
SSDEEP

12288:WXwOrReFWQFL6XRZjgWY0dxTU2/kgPc7MDHEvrReRLCg42Gk:WXwOrRs/6BZxdZ/E7wHEvrZ2Gk

Score

8^/10

Malware Config

Targets

- Target
  
  336e0c431638a77f269759f4bac4bb85011a5746ef88aea448f223357a5a2fd9
- Size
  
  650KB
- MD5
  
  76b4e8fd43ebdde673e0277f36e9c997
- SHA1
  
  c4e3e42fc9ca0ca57dbe6ee154c87f283f8f51d7
- SHA256
  
  336e0c431638a77f269759f4bac4bb85011a5746ef88aea448f223357a5a2fd9
- SHA512
  
  7787d8bb7a756c1053d1f4940298faefc9aadc4172c77eaf548c55346d97919cd210a8823746a81d6e828fa67c459910d29a7dfbb7557e8ab91ea1f2c8d51790
- SSDEEP
  
  12288:WXwOrReFWQFL6XRZjgWY0dxTU2/kgPc7MDHEvrReRLCg42Gk:WXwOrRs/6BZxdZ/E7wHEvrZ2Gk
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2