0ddd9bbb556434db43bd9cbcaf557edf0fe9de429b81119ed579085e680ab8e1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ddd9bbb556434db43bd9cbcaf557edf0fe9de429b81119ed579085e680ab8e1
Size

24KB
Sample

221003-113ydshehj
MD5

05dbfecd9231a63abef3391cf3692721
SHA1

e48f30983f91f02eb1f61ff59519b6eeb1ced3da
SHA256

0ddd9bbb556434db43bd9cbcaf557edf0fe9de429b81119ed579085e680ab8e1
SHA512

71e0cdc473f13726c1a261abe0662d71b588962077d562ca48b53f3452bd68683f366b9ec23f71f8b56e4ca1733156c567f0803427b5a623d92e4093eba05e77
SSDEEP

384:qjD6bqVIy0xylC5LyGEbNqDmo8hIjS8tsjLR9ya5fJvwtpd2fEUgptMbzyMQB2:qjDcqbYmGmymoBOzjNv5FupdYEHgb5f

Score

8^/10

Malware Config

Targets

- Target
  
  0ddd9bbb556434db43bd9cbcaf557edf0fe9de429b81119ed579085e680ab8e1
- Size
  
  24KB
- MD5
  
  05dbfecd9231a63abef3391cf3692721
- SHA1
  
  e48f30983f91f02eb1f61ff59519b6eeb1ced3da
- SHA256
  
  0ddd9bbb556434db43bd9cbcaf557edf0fe9de429b81119ed579085e680ab8e1
- SHA512
  
  71e0cdc473f13726c1a261abe0662d71b588962077d562ca48b53f3452bd68683f366b9ec23f71f8b56e4ca1733156c567f0803427b5a623d92e4093eba05e77
- SSDEEP
  
  384:qjD6bqVIy0xylC5LyGEbNqDmo8hIjS8tsjLR9ya5fJvwtpd2fEUgptMbzyMQB2:qjDcqbYmGmymoBOzjNv5FupdYEHgb5f
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2