ca92dbbaae72fc9140efd69e50a0558e126faf0234bd2385a0841820a64968bc | Triage

Sharing

General

Target

ca92dbbaae72fc9140efd69e50a0558e126faf0234bd2385a0841820a64968bc
Size

19KB
Sample

221020-jzpkyachf9
MD5

411261d546d6e49ff5946d4e548712f0
SHA1

de15aba9b0646e625063d67548eefc41cb079282
SHA256

ca92dbbaae72fc9140efd69e50a0558e126faf0234bd2385a0841820a64968bc
SHA512

8a2528555240c89208406d1f4df20f0a47c2087496eb7127697767e5e483d32ec037d58a840d853ecb5320335832f0da0ccdb81f96af40f6c038bcd1c1937619
SSDEEP

384:Idu9LNL1QFars3y3bQpYZRDtY8alJZjLzuC:IM9LCWn8ZjL1

Score

8^/10

Malware Config

Targets

- Target
  
  ca92dbbaae72fc9140efd69e50a0558e126faf0234bd2385a0841820a64968bc
- Size
  
  19KB
- MD5
  
  411261d546d6e49ff5946d4e548712f0
- SHA1
  
  de15aba9b0646e625063d67548eefc41cb079282
- SHA256
  
  ca92dbbaae72fc9140efd69e50a0558e126faf0234bd2385a0841820a64968bc
- SHA512
  
  8a2528555240c89208406d1f4df20f0a47c2087496eb7127697767e5e483d32ec037d58a840d853ecb5320335832f0da0ccdb81f96af40f6c038bcd1c1937619
- SSDEEP
  
  384:Idu9LNL1QFars3y3bQpYZRDtY8alJZjLzuC:IM9LCWn8ZjL1
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2