6da89f6721a39a8e333bd949a79bfd8a55824c1d655c2d90e1fdd125fe9f8793 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6da89f6721a39a8e333bd949a79bfd8a55824c1d655c2d90e1fdd125fe9f8793
Size

132KB
Sample

221021-cea4gsffdq
MD5

727335bbc3b70a53c9d349d9111b392a
SHA1

4eaa3c7c95104b692465d984e8ff761c988535db
SHA256

6da89f6721a39a8e333bd949a79bfd8a55824c1d655c2d90e1fdd125fe9f8793
SHA512

cf430fed4101b81fe8461037ed338030d68746c4b184e1baaf0f0bc95c42a80356bd8378a69f31b4f17f7e812aa4431224ebb7331b796f9b14f255c8b6b0ad55
SSDEEP

3072:R0LALgHEJ3/hmjyYQo0Nzpqh6GwlBF9HYW1ILPLMs1o:mLKgkJpmjyY9qG6GwlBF9HYF/Muo

Score

8^/10

Malware Config

Targets

- Target
  
  6da89f6721a39a8e333bd949a79bfd8a55824c1d655c2d90e1fdd125fe9f8793
- Size
  
  132KB
- MD5
  
  727335bbc3b70a53c9d349d9111b392a
- SHA1
  
  4eaa3c7c95104b692465d984e8ff761c988535db
- SHA256
  
  6da89f6721a39a8e333bd949a79bfd8a55824c1d655c2d90e1fdd125fe9f8793
- SHA512
  
  cf430fed4101b81fe8461037ed338030d68746c4b184e1baaf0f0bc95c42a80356bd8378a69f31b4f17f7e812aa4431224ebb7331b796f9b14f255c8b6b0ad55
- SSDEEP
  
  3072:R0LALgHEJ3/hmjyYQo0Nzpqh6GwlBF9HYW1ILPLMs1o:mLKgkJpmjyY9qG6GwlBF9HYF/Muo
Score

8^/10
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2