94b45e44b25cc505518f1d3df6f46bd4cdeaf19bf14da96616983245b39fb6d7 | Triage

Sharing

General

Target

94b45e44b25cc505518f1d3df6f46bd4cdeaf19bf14da96616983245b39fb6d7
Size

56KB
Sample

221004-adrczadcal
MD5

682eb4a2f638b1c36d59e8858a14abe4
SHA1

fd2e21d47d337e7476c62c889798491d1ae9c25a
SHA256

94b45e44b25cc505518f1d3df6f46bd4cdeaf19bf14da96616983245b39fb6d7
SHA512

f79ed555c262dba723cbae6c6e49014eb1532b01020ef357f0867e68aa55057fdad60232ddfe32541659bcf795728d4a72286044bbd7c0014a85dd7a603dd96e
SSDEEP

768:91bhUeCS0J3Z2W/tTJb6MfeTbPeNH88Aw1W2LBNN6:91ee7IsW/hJ2MibF8W

Score

8^/10

Malware Config

Targets

- Target
  
  94b45e44b25cc505518f1d3df6f46bd4cdeaf19bf14da96616983245b39fb6d7
- Size
  
  56KB
- MD5
  
  682eb4a2f638b1c36d59e8858a14abe4
- SHA1
  
  fd2e21d47d337e7476c62c889798491d1ae9c25a
- SHA256
  
  94b45e44b25cc505518f1d3df6f46bd4cdeaf19bf14da96616983245b39fb6d7
- SHA512
  
  f79ed555c262dba723cbae6c6e49014eb1532b01020ef357f0867e68aa55057fdad60232ddfe32541659bcf795728d4a72286044bbd7c0014a85dd7a603dd96e
- SSDEEP
  
  768:91bhUeCS0J3Z2W/tTJb6MfeTbPeNH88Aw1W2LBNN6:91ee7IsW/hJ2MibF8W
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2