a775dd6c62b280587382d2717fc5d86c3fc898e39649ae5a40cc130389532a92 | Triage

Sharing

General

Target

a775dd6c62b280587382d2717fc5d86c3fc898e39649ae5a40cc130389532a92
Size

19KB
Sample

221017-3bq9eadgfr
MD5

42ffa211dd54eccf07227a7ec4021937
SHA1

419549e5f9e43e92ee263646965fb1d6ca24c6f7
SHA256

a775dd6c62b280587382d2717fc5d86c3fc898e39649ae5a40cc130389532a92
SHA512

4a1d9fcd88decb070817d52129f40210ac094afcda56c5b9eda055db0c7af0a2574d5faa1d80bba369f3d5f4f277a30902d6710a6a8175cd1500a32e1a242018
SSDEEP

384:QLcTQvmFzKbE+QwuC6WREiHQqYxsrZ273PXW:QqQmFL+QMC9xBTPm

Score

8^/10

Malware Config

Targets

- Target
  
  a775dd6c62b280587382d2717fc5d86c3fc898e39649ae5a40cc130389532a92
- Size
  
  19KB
- MD5
  
  42ffa211dd54eccf07227a7ec4021937
- SHA1
  
  419549e5f9e43e92ee263646965fb1d6ca24c6f7
- SHA256
  
  a775dd6c62b280587382d2717fc5d86c3fc898e39649ae5a40cc130389532a92
- SHA512
  
  4a1d9fcd88decb070817d52129f40210ac094afcda56c5b9eda055db0c7af0a2574d5faa1d80bba369f3d5f4f277a30902d6710a6a8175cd1500a32e1a242018
- SSDEEP
  
  384:QLcTQvmFzKbE+QwuC6WREiHQqYxsrZ273PXW:QqQmFL+QMC9xBTPm
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2