5374c114d8bcf4258435a2cd76b7e1ad8f922d33bf9c015d15cee68931046b0d | Triage

Sharing

General

Target

5374c114d8bcf4258435a2cd76b7e1ad8f922d33bf9c015d15cee68931046b0d
Size

421KB
Sample

221027-1jxeaadgdk
MD5

1fe104c0c6b8e2ff1e6af09d71b2e44e
SHA1

913ac9d7c8acf8dc427581605091440bb7f19d98
SHA256

5374c114d8bcf4258435a2cd76b7e1ad8f922d33bf9c015d15cee68931046b0d
SHA512

61d7fc066f9f6d2c919891ffba676b960d9c9be23dfbfabc3837eae89dc9b7bc211727cedd22d336f9b5d163a806b9fdbb653ce4cb51c90af800d8396e35beae
SSDEEP

12288:DjODTivE9Gzlr3yPRpb+Wvo3/nZFozAKR4p3:DjOysIhr3ORpbBofZFv7p3

Score

8^/10

Malware Config

Targets

- Target
  
  5374c114d8bcf4258435a2cd76b7e1ad8f922d33bf9c015d15cee68931046b0d
- Size
  
  421KB
- MD5
  
  1fe104c0c6b8e2ff1e6af09d71b2e44e
- SHA1
  
  913ac9d7c8acf8dc427581605091440bb7f19d98
- SHA256
  
  5374c114d8bcf4258435a2cd76b7e1ad8f922d33bf9c015d15cee68931046b0d
- SHA512
  
  61d7fc066f9f6d2c919891ffba676b960d9c9be23dfbfabc3837eae89dc9b7bc211727cedd22d336f9b5d163a806b9fdbb653ce4cb51c90af800d8396e35beae
- SSDEEP
  
  12288:DjODTivE9Gzlr3yPRpb+Wvo3/nZFozAKR4p3:DjOysIhr3ORpbBofZFv7p3
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2