d863b77a16ba4748e6e483d7f069d5adc997932920d33bdd2c38a7fbe232fec0 | Triage

Sharing

General

Target

d863b77a16ba4748e6e483d7f069d5adc997932920d33bdd2c38a7fbe232fec0
Size

19KB
Sample

221019-syj4haebdn
MD5

a15d75ce3d9234b5e1f4b7ac88764450
SHA1

41f947d09bfb0b2dfab65a30c89567541d14dad0
SHA256

d863b77a16ba4748e6e483d7f069d5adc997932920d33bdd2c38a7fbe232fec0
SHA512

0b531d12c534768dea867ee57f8bcad81d73f544b7f577e80d4a499e81037e15369d95b4c93a49d79c347d52d38967e80b643e1a266336b79da04e867f6f37af
SSDEEP

192:oZ+f8PcQcQLHtJx1sgYrHHstHNTgR09DBH4tf95BYyenSuXnTDnFgN:uzP7cQB1sgKWt0R+DB295BdenlFg

Score

8^/10

Malware Config

Targets

- Target
  
  d863b77a16ba4748e6e483d7f069d5adc997932920d33bdd2c38a7fbe232fec0
- Size
  
  19KB
- MD5
  
  a15d75ce3d9234b5e1f4b7ac88764450
- SHA1
  
  41f947d09bfb0b2dfab65a30c89567541d14dad0
- SHA256
  
  d863b77a16ba4748e6e483d7f069d5adc997932920d33bdd2c38a7fbe232fec0
- SHA512
  
  0b531d12c534768dea867ee57f8bcad81d73f544b7f577e80d4a499e81037e15369d95b4c93a49d79c347d52d38967e80b643e1a266336b79da04e867f6f37af
- SSDEEP
  
  192:oZ+f8PcQcQLHtJx1sgYrHHstHNTgR09DBH4tf95BYyenSuXnTDnFgN:uzP7cQB1sgKWt0R+DB295BdenlFg
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2