fe375ad64cf4a2e0b5ff6861fde06eb052186c4f2af494df4f7ba24d601c834d | Triage

Sharing

General

Target

fe375ad64cf4a2e0b5ff6861fde06eb052186c4f2af494df4f7ba24d601c834d
Size

369KB
Sample

221003-p8fbhsgdgk
MD5

6cfb480fbb8f5f6f4f1eaf5b3fd3ccf0
SHA1

d40cf05c128b80d8553732962475ab68620a8132
SHA256

fe375ad64cf4a2e0b5ff6861fde06eb052186c4f2af494df4f7ba24d601c834d
SHA512

3b1a8e18fdc42e76a5f124b7c375fd1a3c55d3c8fc362d7c006e094188043e69047f8a2b8ab674ae1bcfe8b676e871e7ef20ec21048d9759263b7f845bc3518b
SSDEEP

6144:mWwMnudcfjjyX0A2zgIBcpRM7ERG1QvUTkOSOHvjRpO34F9wqS5ISC+wxE6fBnCD:ruGfjjyXIBf7EoPkTOHvjGoF9wqS5Zlb

Score

8^/10

Malware Config

Targets

- Target
  
  fe375ad64cf4a2e0b5ff6861fde06eb052186c4f2af494df4f7ba24d601c834d
- Size
  
  369KB
- MD5
  
  6cfb480fbb8f5f6f4f1eaf5b3fd3ccf0
- SHA1
  
  d40cf05c128b80d8553732962475ab68620a8132
- SHA256
  
  fe375ad64cf4a2e0b5ff6861fde06eb052186c4f2af494df4f7ba24d601c834d
- SHA512
  
  3b1a8e18fdc42e76a5f124b7c375fd1a3c55d3c8fc362d7c006e094188043e69047f8a2b8ab674ae1bcfe8b676e871e7ef20ec21048d9759263b7f845bc3518b
- SSDEEP
  
  6144:mWwMnudcfjjyX0A2zgIBcpRM7ERG1QvUTkOSOHvjRpO34F9wqS5ISC+wxE6fBnCD:ruGfjjyXIBf7EoPkTOHvjGoF9wqS5Zlb
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2