59b85d75d645f3babc8463ed2de45aacecbbf62d68710898602b615e5dac6f8c | Triage

Sharing

General

Target

59b85d75d645f3babc8463ed2de45aacecbbf62d68710898602b615e5dac6f8c
Size

224KB
Sample

221020-tlbf9scfbm
MD5

8032c1a342ec7dc2f5bf26b467d17797
SHA1

1508ceaac28e58884aff9d15ab8340907381a531
SHA256

59b85d75d645f3babc8463ed2de45aacecbbf62d68710898602b615e5dac6f8c
SHA512

70a50020ae866df71c3f4cb2c534f54f6de0cd1b3b957ab0cd8fdf0d6ee49c7f7374d4e6ee15fe364216fb9f7fc6c7bcedc06ae62ebb97ab7d0a500922172186
SSDEEP

3072:GZYKi8E9UQLSBhCjG8G3GbGVGBGfGuGxGWYcrf6KadU:GZ1i8FLAYcD6Kad

Score

8^/10

Malware Config

Targets

- Target
  
  59b85d75d645f3babc8463ed2de45aacecbbf62d68710898602b615e5dac6f8c
- Size
  
  224KB
- MD5
  
  8032c1a342ec7dc2f5bf26b467d17797
- SHA1
  
  1508ceaac28e58884aff9d15ab8340907381a531
- SHA256
  
  59b85d75d645f3babc8463ed2de45aacecbbf62d68710898602b615e5dac6f8c
- SHA512
  
  70a50020ae866df71c3f4cb2c534f54f6de0cd1b3b957ab0cd8fdf0d6ee49c7f7374d4e6ee15fe364216fb9f7fc6c7bcedc06ae62ebb97ab7d0a500922172186
- SSDEEP
  
  3072:GZYKi8E9UQLSBhCjG8G3GbGVGBGfGuGxGWYcrf6KadU:GZ1i8FLAYcD6Kad
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2