417a5c18e197f15edbfc8fb26e2f746e63f3ec02d3f0c4a2d73ad8cdedf2b317 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

417a5c18e197f15edbfc8fb26e2f746e63f3ec02d3f0c4a2d73ad8cdedf2b317
Size

102KB
Sample

221002-3dmzrsfbc6
MD5

6381532543a5f5391c1a3ae2bfd760b0
SHA1

8a5d77a3ef46a372def27612bea0f83376ba42fc
SHA256

417a5c18e197f15edbfc8fb26e2f746e63f3ec02d3f0c4a2d73ad8cdedf2b317
SHA512

15bbb0b7aa8d3caffb9a15980a34ada44d95f52634e86ce420085ab97eec76e74b61cf130099222333a3d3a293c9d2f5a1a8f67d5454395c6a00d65b6d70b3c7
SSDEEP

3072:wG1TRtydMn84E4rmE6lBx8ppjJKQQHh/0:wG1FVn84Vm+pjJK/0

Score

8^/10

Malware Config

Targets

- Target
  
  417a5c18e197f15edbfc8fb26e2f746e63f3ec02d3f0c4a2d73ad8cdedf2b317
- Size
  
  102KB
- MD5
  
  6381532543a5f5391c1a3ae2bfd760b0
- SHA1
  
  8a5d77a3ef46a372def27612bea0f83376ba42fc
- SHA256
  
  417a5c18e197f15edbfc8fb26e2f746e63f3ec02d3f0c4a2d73ad8cdedf2b317
- SHA512
  
  15bbb0b7aa8d3caffb9a15980a34ada44d95f52634e86ce420085ab97eec76e74b61cf130099222333a3d3a293c9d2f5a1a8f67d5454395c6a00d65b6d70b3c7
- SSDEEP
  
  3072:wG1TRtydMn84E4rmE6lBx8ppjJKQQHh/0:wG1FVn84Vm+pjJK/0
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2