6c4b2d812687391687ff74826ee6b83e0119579d43fe66b8a53fa835d35f11ec | Triage

Sharing

General

Target

96a04fefa99d3fcf02a9da1da9e3bca6.exe
Size

6.1MB
Sample

221027-vah8eacgf4
MD5

96a04fefa99d3fcf02a9da1da9e3bca6
SHA1

8ba1e93004fa24c8ef002a3cf355410e24428878
SHA256

6c4b2d812687391687ff74826ee6b83e0119579d43fe66b8a53fa835d35f11ec
SHA512

406cc290e5c870f335082e90d046faa1b8f39ae9911fc6bbdf8c1f3a7bcf3ffc4bc09790a87e4fea57af1835c4900a6a3d597abb178fe4d301319812b47baf17
SSDEEP

98304:pX9goaRpJe2NDxlTDSDlV5gZOYyCVqM8YmZZ3mKjsTPkvoVfUb+rDl6aE:9qoaRjZZMD5+yCuhZ6jkgVsbWDl6a

Score

8^/10

Malware Config

Targets

- Target
  
  96a04fefa99d3fcf02a9da1da9e3bca6.exe
- Size
  
  6.1MB
- MD5
  
  96a04fefa99d3fcf02a9da1da9e3bca6
- SHA1
  
  8ba1e93004fa24c8ef002a3cf355410e24428878
- SHA256
  
  6c4b2d812687391687ff74826ee6b83e0119579d43fe66b8a53fa835d35f11ec
- SHA512
  
  406cc290e5c870f335082e90d046faa1b8f39ae9911fc6bbdf8c1f3a7bcf3ffc4bc09790a87e4fea57af1835c4900a6a3d597abb178fe4d301319812b47baf17
- SSDEEP
  
  98304:pX9goaRpJe2NDxlTDSDlV5gZOYyCVqM8YmZZ3mKjsTPkvoVfUb+rDl6aE:9qoaRjZZMD5+yCuhZ6jkgVsbWDl6a
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2