9114f0f7030067985b2ca7f8f143b26b78474837c7f66d5ba56d4fe8d9f69168 | Triage

Sharing

General

Target

9114f0f7030067985b2ca7f8f143b26b78474837c7f66d5ba56d4fe8d9f69168
Size

446KB
Sample

221011-lcrg5afhe3
MD5

098730132576ecf009e4a68e1b2fa76a
SHA1

ba047a51170be449090f40e2f52acdd041f89e24
SHA256

9114f0f7030067985b2ca7f8f143b26b78474837c7f66d5ba56d4fe8d9f69168
SHA512

9a619f89031bb781ee1a5d51d686de55f1e71ca1ddbecb6bf4ac43f2b91c29c32f7f6c43086d5a19b6abda8564bde992144d16bd4fea3c57a61b8efcbfe83fce
SSDEEP

6144:P4lRkAehaKuqT+FEaVnhelxxs6ZgwTSmpO7EqJh8ADX+EhzNjDGLGfGmS1ZlwIp6:PkWAehJuqTixSOV7EqtRtqLeiZlw4oek

Score

8^/10

Malware Config

Targets

- Target
  
  9114f0f7030067985b2ca7f8f143b26b78474837c7f66d5ba56d4fe8d9f69168
- Size
  
  446KB
- MD5
  
  098730132576ecf009e4a68e1b2fa76a
- SHA1
  
  ba047a51170be449090f40e2f52acdd041f89e24
- SHA256
  
  9114f0f7030067985b2ca7f8f143b26b78474837c7f66d5ba56d4fe8d9f69168
- SHA512
  
  9a619f89031bb781ee1a5d51d686de55f1e71ca1ddbecb6bf4ac43f2b91c29c32f7f6c43086d5a19b6abda8564bde992144d16bd4fea3c57a61b8efcbfe83fce
- SSDEEP
  
  6144:P4lRkAehaKuqT+FEaVnhelxxs6ZgwTSmpO7EqJh8ADX+EhzNjDGLGfGmS1ZlwIp6:PkWAehJuqTixSOV7EqtRtqLeiZlw4oek
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2