17f8c19672164b03d137678ac9df0b2eab09dc3bdc34b83011413eac18efeef2 | Triage

Sharing

General

Target

17f8c19672164b03d137678ac9df0b2eab09dc3bdc34b83011413eac18efeef2
Size

624KB
Sample

221004-d9q9mabbeq
MD5

537c86f68beee199e9023627d0f2a5f0
SHA1

79c7a4c7b672c17d437bb3740c025e56c7f7ff39
SHA256

17f8c19672164b03d137678ac9df0b2eab09dc3bdc34b83011413eac18efeef2
SHA512

51ec2760ff368106bceb4371b9fe436dae8e13837fd63dc851cf76f086e82c47c709c8ef347dc0b752ba7ccdb4b355cb5df39546c5e774741a852b9665e6c9ef
SSDEEP

12288:6DEIbFDK9mihCxU4hQUUDg62T5OHtfOtPx7jKXA+Cvt+hkHf1deC:6pbE9MxU4wDcTgQtPZjKXA1HfyC

Score

8^/10

Malware Config

Targets

- Target
  
  17f8c19672164b03d137678ac9df0b2eab09dc3bdc34b83011413eac18efeef2
- Size
  
  624KB
- MD5
  
  537c86f68beee199e9023627d0f2a5f0
- SHA1
  
  79c7a4c7b672c17d437bb3740c025e56c7f7ff39
- SHA256
  
  17f8c19672164b03d137678ac9df0b2eab09dc3bdc34b83011413eac18efeef2
- SHA512
  
  51ec2760ff368106bceb4371b9fe436dae8e13837fd63dc851cf76f086e82c47c709c8ef347dc0b752ba7ccdb4b355cb5df39546c5e774741a852b9665e6c9ef
- SSDEEP
  
  12288:6DEIbFDK9mihCxU4hQUUDg62T5OHtfOtPx7jKXA+Cvt+hkHf1deC:6pbE9MxU4wDcTgQtPZjKXA1HfyC
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2