3112c9f31a19512091ba9c8cfb1e25e65083e9b55ddd047497e7804c1607dae1 | Triage

Sharing

General

Target

3112c9f31a19512091ba9c8cfb1e25e65083e9b55ddd047497e7804c1607dae1
Size

143KB
Sample

221011-gtzslshfhn
MD5

7c21b2efa040da4c407b6ea465281e80
SHA1

d5bc144bdb4df7e71d23a6264c63a100815d38a2
SHA256

3112c9f31a19512091ba9c8cfb1e25e65083e9b55ddd047497e7804c1607dae1
SHA512

5b5c78129f36e4b21e2794253f4c08215eff5ba6cd2dbae88ae7339bf653c42f3e1543e68f5e72042396a640626bbea28bfbdb0cada358a7872db5b712d213eb
SSDEEP

3072:V3+UIA8UwopDBqhElSksQ9na/tK88sW3/eZft6:0ksQRa/8vxkft6

Score

8^/10

Malware Config

Targets

- Target
  
  3112c9f31a19512091ba9c8cfb1e25e65083e9b55ddd047497e7804c1607dae1
- Size
  
  143KB
- MD5
  
  7c21b2efa040da4c407b6ea465281e80
- SHA1
  
  d5bc144bdb4df7e71d23a6264c63a100815d38a2
- SHA256
  
  3112c9f31a19512091ba9c8cfb1e25e65083e9b55ddd047497e7804c1607dae1
- SHA512
  
  5b5c78129f36e4b21e2794253f4c08215eff5ba6cd2dbae88ae7339bf653c42f3e1543e68f5e72042396a640626bbea28bfbdb0cada358a7872db5b712d213eb
- SSDEEP
  
  3072:V3+UIA8UwopDBqhElSksQ9na/tK88sW3/eZft6:0ksQRa/8vxkft6
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2