51751f133ff7a10b1f75e1348b7dce9ba4d5a3ab6086f55d1257163382745c9c | Triage

Sharing

General

Target

51751f133ff7a10b1f75e1348b7dce9ba4d5a3ab6086f55d1257163382745c9c
Size

20KB
Sample

221019-rqtgjabeh3
MD5

a25e80824a64d7d014271aab082e8250
SHA1

1ba250610e276e5ab57ebac674e035894a4f8980
SHA256

51751f133ff7a10b1f75e1348b7dce9ba4d5a3ab6086f55d1257163382745c9c
SHA512

392c250c3498a8b13b83c1196060ac0cfd76fcdc66ded769885638c3c0fe8e1b39c5028bb3d9a6bf2b56794ba7b80f356ec055becf6e21d8a884a12f75140aed
SSDEEP

384:QfGJYAu8BSohFK8raFbW46Uj850fEvkjeJYFfCR2z:QfGy9mvhFZ74XLfEEawz

Score

8^/10

Malware Config

Targets

- Target
  
  51751f133ff7a10b1f75e1348b7dce9ba4d5a3ab6086f55d1257163382745c9c
- Size
  
  20KB
- MD5
  
  a25e80824a64d7d014271aab082e8250
- SHA1
  
  1ba250610e276e5ab57ebac674e035894a4f8980
- SHA256
  
  51751f133ff7a10b1f75e1348b7dce9ba4d5a3ab6086f55d1257163382745c9c
- SHA512
  
  392c250c3498a8b13b83c1196060ac0cfd76fcdc66ded769885638c3c0fe8e1b39c5028bb3d9a6bf2b56794ba7b80f356ec055becf6e21d8a884a12f75140aed
- SSDEEP
  
  384:QfGJYAu8BSohFK8raFbW46Uj850fEvkjeJYFfCR2z:QfGy9mvhFZ74XLfEEawz
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2