d9b3743b289486e90dbd66f614904fb963e0dcbe428da29884e0eb4c5ad6408d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d9b3743b289486e90dbd66f614904fb963e0dcbe428da29884e0eb4c5ad6408d
Size

170KB
Sample

221002-mz6e8scae3
MD5

75fb12e2afca747a1e76cb3449621950
SHA1

2a77e83ce6a47e8235a247253f84c29b3a573fbb
SHA256

d9b3743b289486e90dbd66f614904fb963e0dcbe428da29884e0eb4c5ad6408d
SHA512

6ff3feccaf2251f08d9512e695e0bcca1a598260ef819049b3442bc1a7e40a34a05cd9c29008cf4033f93ec13303dba1d010cee9dfda4b2be98929391b6f8da1
SSDEEP

3072:0MEMvxdknmg1tDbuLB+5xGT21JqaEvNAshAwPPVxAH0tEuFPAUovGG65N3:0ME1nmg1tDbJ5621YNA+AGm0GQP3GK5t

Score

8^/10

Malware Config

Targets

- Target
  
  d9b3743b289486e90dbd66f614904fb963e0dcbe428da29884e0eb4c5ad6408d
- Size
  
  170KB
- MD5
  
  75fb12e2afca747a1e76cb3449621950
- SHA1
  
  2a77e83ce6a47e8235a247253f84c29b3a573fbb
- SHA256
  
  d9b3743b289486e90dbd66f614904fb963e0dcbe428da29884e0eb4c5ad6408d
- SHA512
  
  6ff3feccaf2251f08d9512e695e0bcca1a598260ef819049b3442bc1a7e40a34a05cd9c29008cf4033f93ec13303dba1d010cee9dfda4b2be98929391b6f8da1
- SSDEEP
  
  3072:0MEMvxdknmg1tDbuLB+5xGT21JqaEvNAshAwPPVxAH0tEuFPAUovGG65N3:0ME1nmg1tDbJ5621YNA+AGm0GQP3GK5t
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2