fd5b38047feb809c0ca8a5b9dae2df3ad9953fd3df8a59327d1beec8fbff91c0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd5b38047feb809c0ca8a5b9dae2df3ad9953fd3df8a59327d1beec8fbff91c0
Size

224KB
Sample

221020-tkv5aacehp
MD5

a08cae1bcac22d17d8644f2d02186390
SHA1

3520c894e448c67b708124363e3a8ae37a1acfe6
SHA256

fd5b38047feb809c0ca8a5b9dae2df3ad9953fd3df8a59327d1beec8fbff91c0
SHA512

3ddef7259b2531ff6b21005b6794ee734f622ecbcec586210898c0fa058f2cdf309fdc82f1249e7c6c3cec1e582308600b300ef3acf162c52273410f0e442fbd
SSDEEP

3072:G0lKe1BnmohhCjG8G3GbGVGBGfGuGxGWYcrf6KadU:G0sezJhAYcD6Kad

Score

8^/10

Malware Config

Targets

- Target
  
  fd5b38047feb809c0ca8a5b9dae2df3ad9953fd3df8a59327d1beec8fbff91c0
- Size
  
  224KB
- MD5
  
  a08cae1bcac22d17d8644f2d02186390
- SHA1
  
  3520c894e448c67b708124363e3a8ae37a1acfe6
- SHA256
  
  fd5b38047feb809c0ca8a5b9dae2df3ad9953fd3df8a59327d1beec8fbff91c0
- SHA512
  
  3ddef7259b2531ff6b21005b6794ee734f622ecbcec586210898c0fa058f2cdf309fdc82f1249e7c6c3cec1e582308600b300ef3acf162c52273410f0e442fbd
- SSDEEP
  
  3072:G0lKe1BnmohhCjG8G3GbGVGBGfGuGxGWYcrf6KadU:G0sezJhAYcD6Kad
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2