283e6e6add8fdcb7bbb3753fdc2bafecb2b85ec5424c8f0c2610e056b3468bdd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

283e6e6add8fdcb7bbb3753fdc2bafecb2b85ec5424c8f0c2610e056b3468bdd
Size

2.6MB
Sample

221028-x95a2achhl
MD5

2bf587ddeebd72fa7fbef343424695f2
SHA1

ae1e882294f8415eb96929b074eb972534cc6eae
SHA256

283e6e6add8fdcb7bbb3753fdc2bafecb2b85ec5424c8f0c2610e056b3468bdd
SHA512

913f5451307340171c5612c198d78bfbfa49d635cc0094eb014ea1326f3f2f5e545801277c64f72f4fa5d8846bba68e7f9bb8a24d1aaca828ae9fa48dc2a0f26
SSDEEP

49152:eIg8VQzYlwgSb7CtGr31nCmgqnc42tGwF8D+ody7OkxfhSR7AQVNq0RcfU3C:YHzYl1vc3omrc42F8DRdBkXs7AQ5cfUS

Score

8^/10

Malware Config

Targets

- Target
  
  283e6e6add8fdcb7bbb3753fdc2bafecb2b85ec5424c8f0c2610e056b3468bdd
- Size
  
  2.6MB
- MD5
  
  2bf587ddeebd72fa7fbef343424695f2
- SHA1
  
  ae1e882294f8415eb96929b074eb972534cc6eae
- SHA256
  
  283e6e6add8fdcb7bbb3753fdc2bafecb2b85ec5424c8f0c2610e056b3468bdd
- SHA512
  
  913f5451307340171c5612c198d78bfbfa49d635cc0094eb014ea1326f3f2f5e545801277c64f72f4fa5d8846bba68e7f9bb8a24d1aaca828ae9fa48dc2a0f26
- SSDEEP
  
  49152:eIg8VQzYlwgSb7CtGr31nCmgqnc42tGwF8D+ody7OkxfhSR7AQVNq0RcfU3C:YHzYl1vc3omrc42F8DRdBkXs7AQ5cfUS
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2