22b4558e1d6d66465e5ef3241d3688a5e38c133820a4aa66a0494dc01481a0be | Triage

Sharing

General

Target

22b4558e1d6d66465e5ef3241d3688a5e38c133820a4aa66a0494dc01481a0be
Size

658KB
Sample

221011-edasfadbf9
MD5

601ddad314b61246283fcaacdb1f9940
SHA1

f8e47b1bbcc07bd06e47bbb409a7cefe50c8cc3a
SHA256

22b4558e1d6d66465e5ef3241d3688a5e38c133820a4aa66a0494dc01481a0be
SHA512

98aab411fc22ed4d8db9a6ccee4e72c4cfea9a27833a6f315d7a738f66c30d15ba7bcae386581d123186305eadcc0fe28b0a99bf3ea3f4caa0240ca1e536f084
SSDEEP

12288:SaejG/5NwYkK19iOCr+TMoO30mYn0YaAsGhQHxM5DKTrH5eZQ2d:2jGAK19iOCr+TMoO30mYn0YaAstHxM5h

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  22b4558e1d6d66465e5ef3241d3688a5e38c133820a4aa66a0494dc01481a0be
- Size
  
  658KB
- MD5
  
  601ddad314b61246283fcaacdb1f9940
- SHA1
  
  f8e47b1bbcc07bd06e47bbb409a7cefe50c8cc3a
- SHA256
  
  22b4558e1d6d66465e5ef3241d3688a5e38c133820a4aa66a0494dc01481a0be
- SHA512
  
  98aab411fc22ed4d8db9a6ccee4e72c4cfea9a27833a6f315d7a738f66c30d15ba7bcae386581d123186305eadcc0fe28b0a99bf3ea3f4caa0240ca1e536f084
- SSDEEP
  
  12288:SaejG/5NwYkK19iOCr+TMoO30mYn0YaAsGhQHxM5DKTrH5eZQ2d:2jGAK19iOCr+TMoO30mYn0YaAstHxM5h
Score

8^/10

persistence
- Sets DLL path for service in the registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2