1b792bfa71797d0bfad3bd4ea44af723384bbafd9fff0fb6d9c13c3b9414f285 | Triage

Sharing

General

Target

1b792bfa71797d0bfad3bd4ea44af723384bbafd9fff0fb6d9c13c3b9414f285
Size

224KB
Sample

221020-tldlmacha3
MD5

a000d0173d329e29eabbc758e3e670c0
SHA1

54bdad98fb6fb88a84326a8868d7190de5ca19d7
SHA256

1b792bfa71797d0bfad3bd4ea44af723384bbafd9fff0fb6d9c13c3b9414f285
SHA512

881cd91dcac214211b07bec9181c5d4038ec248fcb0b88d1397a89f81ea2238269cf1cef9c6f5f8e0a22326011f9c792e9c9d6df95d1b0134a266a9548cc0386
SSDEEP

3072:GJ1Kea+A9R4I3Ap39O3rhCjG8G3GbGVGBGfGuGxGWYcrf6Kad0:GJ8ea+A9R4IwLaAYcD6Kad

Score

8^/10

Malware Config

Targets

- Target
  
  1b792bfa71797d0bfad3bd4ea44af723384bbafd9fff0fb6d9c13c3b9414f285
- Size
  
  224KB
- MD5
  
  a000d0173d329e29eabbc758e3e670c0
- SHA1
  
  54bdad98fb6fb88a84326a8868d7190de5ca19d7
- SHA256
  
  1b792bfa71797d0bfad3bd4ea44af723384bbafd9fff0fb6d9c13c3b9414f285
- SHA512
  
  881cd91dcac214211b07bec9181c5d4038ec248fcb0b88d1397a89f81ea2238269cf1cef9c6f5f8e0a22326011f9c792e9c9d6df95d1b0134a266a9548cc0386
- SSDEEP
  
  3072:GJ1Kea+A9R4I3Ap39O3rhCjG8G3GbGVGBGfGuGxGWYcrf6Kad0:GJ8ea+A9R4IwLaAYcD6Kad
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2