b2d8c48ff8f67309329410f887894b24d47288e190ece1bf38b090e6c7e7c271 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b2d8c48ff8f67309329410f887894b24d47288e190ece1bf38b090e6c7e7c271
Size

756KB
Sample

221020-rphcwahde5
MD5

a00e32e087cd801a1b3c2373ffbce0b0
SHA1

95f2ce20e687f8b77a8451e1b1b091f4864f57ef
SHA256

b2d8c48ff8f67309329410f887894b24d47288e190ece1bf38b090e6c7e7c271
SHA512

90d586a22347c38d820502bff9b2806d3b547a1078b0a34013535d01b35da4f5dc59dac5d0380d155ad971edc7664eea7d1249d03e451a86c8512ab41e053273
SSDEEP

12288:cd7wrGpgr6ioTiYZg9lPhbpbHz1Jr+Gr4POrs5Z2j5bVCm0Ood4i/N+oh7ZYnoMX:ctpa6ioTivBpT1xCPO84RVCmuCotuVtt

Score

8^/10

Malware Config

Targets

- Target
  
  b2d8c48ff8f67309329410f887894b24d47288e190ece1bf38b090e6c7e7c271
- Size
  
  756KB
- MD5
  
  a00e32e087cd801a1b3c2373ffbce0b0
- SHA1
  
  95f2ce20e687f8b77a8451e1b1b091f4864f57ef
- SHA256
  
  b2d8c48ff8f67309329410f887894b24d47288e190ece1bf38b090e6c7e7c271
- SHA512
  
  90d586a22347c38d820502bff9b2806d3b547a1078b0a34013535d01b35da4f5dc59dac5d0380d155ad971edc7664eea7d1249d03e451a86c8512ab41e053273
- SSDEEP
  
  12288:cd7wrGpgr6ioTiYZg9lPhbpbHz1Jr+Gr4POrs5Z2j5bVCm0Ood4i/N+oh7ZYnoMX:ctpa6ioTivBpT1xCPO84RVCmuCotuVtt
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2