92554511a9dcc658bb5977113db9c4bc0c1e08a46c9f5939fd17d6a18a7581c8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

92554511a9dcc658bb5977113db9c4bc0c1e08a46c9f5939fd17d6a18a7581c8
Size

24KB
Sample

221021-dgnb9shdel
MD5

54b2757b5d0b7fd31111a0275b253600
SHA1

fa1af30c63da572ab17d6ea26cdf7ade42efb69b
SHA256

92554511a9dcc658bb5977113db9c4bc0c1e08a46c9f5939fd17d6a18a7581c8
SHA512

60b8e25ee93d8a6b07a2cf27b7a876559a04cfd41dfa305836e203867445eb4bd394e9bda9973670fc23e435f4cf72b05c65d3a9db2671a018162b400c6a0310
SSDEEP

384:bXvr/G9K/aASCjr8bfCmIyCl/wI0/1YTrfjkC7PslYs:b/zG9lCapIyMdnfj5Psz

Score

8^/10

Malware Config

Targets

- Target
  
  92554511a9dcc658bb5977113db9c4bc0c1e08a46c9f5939fd17d6a18a7581c8
- Size
  
  24KB
- MD5
  
  54b2757b5d0b7fd31111a0275b253600
- SHA1
  
  fa1af30c63da572ab17d6ea26cdf7ade42efb69b
- SHA256
  
  92554511a9dcc658bb5977113db9c4bc0c1e08a46c9f5939fd17d6a18a7581c8
- SHA512
  
  60b8e25ee93d8a6b07a2cf27b7a876559a04cfd41dfa305836e203867445eb4bd394e9bda9973670fc23e435f4cf72b05c65d3a9db2671a018162b400c6a0310
- SSDEEP
  
  384:bXvr/G9K/aASCjr8bfCmIyCl/wI0/1YTrfjkC7PslYs:b/zG9lCapIyMdnfj5Psz
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2