b1314d85ce5dddfd21dd757ca4fea10b56286c1dd795ab62f85f4ab21eae311a | Triage

Sharing

General

Target

b1314d85ce5dddfd21dd757ca4fea10b56286c1dd795ab62f85f4ab21eae311a
Size

224KB
Sample

221019-snfy4adcb7
MD5

a1be60d5fbba7d7c6fcab0554b1385d0
SHA1

e4abcda24b0048bcf6ed0f1329f9eee2dffff604
SHA256

b1314d85ce5dddfd21dd757ca4fea10b56286c1dd795ab62f85f4ab21eae311a
SHA512

0c7cf9c42b7ff76bef1ed4a3c47a98a482f5b642162181e0fb7f741af2e0417409422a0bdeafa049499cdb4268afd0bc78fd4abd56d656c31cf1bf394239b6d9
SSDEEP

3072:GxFK2hRqDXhCjG8G3GbGVGBGfGuGxGWYcrf6Kad0:GxM2qAYcD6Kad

Score

8^/10

Malware Config

Targets

- Target
  
  b1314d85ce5dddfd21dd757ca4fea10b56286c1dd795ab62f85f4ab21eae311a
- Size
  
  224KB
- MD5
  
  a1be60d5fbba7d7c6fcab0554b1385d0
- SHA1
  
  e4abcda24b0048bcf6ed0f1329f9eee2dffff604
- SHA256
  
  b1314d85ce5dddfd21dd757ca4fea10b56286c1dd795ab62f85f4ab21eae311a
- SHA512
  
  0c7cf9c42b7ff76bef1ed4a3c47a98a482f5b642162181e0fb7f741af2e0417409422a0bdeafa049499cdb4268afd0bc78fd4abd56d656c31cf1bf394239b6d9
- SSDEEP
  
  3072:GxFK2hRqDXhCjG8G3GbGVGBGfGuGxGWYcrf6Kad0:GxM2qAYcD6Kad
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2