0aa72669972bbb2e108c85ec283df98734d42c9ea2ecf37bba00b0fbecaaad18 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0aa72669972bbb2e108c85ec283df98734d42c9ea2ecf37bba00b0fbecaaad18
Size

19KB
Sample

221003-h6bf8aeedm
MD5

60bf62c0d8ec33d95ff4fb32575d8b80
SHA1

5a665a1efdf9c5838fbffc734de90648698f6b62
SHA256

0aa72669972bbb2e108c85ec283df98734d42c9ea2ecf37bba00b0fbecaaad18
SHA512

3993ddd5754d8c53653aef66cbc44112b02f31ac982afb78820e4647057ffbd3d600db2c5f58483243d945b5baf7b01bb4427a64d036e813292cf30ce206c59e
SSDEEP

384:IMAP4wZ6khYJRKiC0bz94calJJjjjCRAAAAA2Z:IM0ZiLCWwJjjs

Score

8^/10

Malware Config

Targets

- Target
  
  0aa72669972bbb2e108c85ec283df98734d42c9ea2ecf37bba00b0fbecaaad18
- Size
  
  19KB
- MD5
  
  60bf62c0d8ec33d95ff4fb32575d8b80
- SHA1
  
  5a665a1efdf9c5838fbffc734de90648698f6b62
- SHA256
  
  0aa72669972bbb2e108c85ec283df98734d42c9ea2ecf37bba00b0fbecaaad18
- SHA512
  
  3993ddd5754d8c53653aef66cbc44112b02f31ac982afb78820e4647057ffbd3d600db2c5f58483243d945b5baf7b01bb4427a64d036e813292cf30ce206c59e
- SSDEEP
  
  384:IMAP4wZ6khYJRKiC0bz94calJJjjjCRAAAAA2Z:IM0ZiLCWwJjjs
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2