6b14fc0e52b2f1612cd1162a37beaaebd1aa91b9663dbb213a445d66d65bea3b | Triage

Sharing

General

Target

6b14fc0e52b2f1612cd1162a37beaaebd1aa91b9663dbb213a445d66d65bea3b
Size

48KB
Sample

221028-1mryzahafj
MD5

0c5408a21ec49d962c0d67b4b2330601
SHA1

724fe1d2f13a2409cb6bc1e110e32ae1b717d1f4
SHA256

6b14fc0e52b2f1612cd1162a37beaaebd1aa91b9663dbb213a445d66d65bea3b
SHA512

44f400aa720cf6dd5f22af0c0ecc6aa0d1f1033d005740e7cbc5c8a066b64e3a4638274393ce6a7b3a002423b891d839820f81daa8b90a7e8e0e06b27117cd89
SSDEEP

768:WREhr0ZAPHG0ZhJ461FxXhD9FvMH28ymSr30IVP9x:EWoatd1jhnMH28ymiVP9x

Score

8^/10

Malware Config

Targets

- Target
  
  6b14fc0e52b2f1612cd1162a37beaaebd1aa91b9663dbb213a445d66d65bea3b
- Size
  
  48KB
- MD5
  
  0c5408a21ec49d962c0d67b4b2330601
- SHA1
  
  724fe1d2f13a2409cb6bc1e110e32ae1b717d1f4
- SHA256
  
  6b14fc0e52b2f1612cd1162a37beaaebd1aa91b9663dbb213a445d66d65bea3b
- SHA512
  
  44f400aa720cf6dd5f22af0c0ecc6aa0d1f1033d005740e7cbc5c8a066b64e3a4638274393ce6a7b3a002423b891d839820f81daa8b90a7e8e0e06b27117cd89
- SSDEEP
  
  768:WREhr0ZAPHG0ZhJ461FxXhD9FvMH28ymSr30IVP9x:EWoatd1jhnMH28ymiVP9x
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2