be6a90a017c356ff8754b14b4cc0bd3f35a74ba425e57f58bbcce0d7b30e15f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be6a90a017c356ff8754b14b4cc0bd3f35a74ba425e57f58bbcce0d7b30e15f4
Size

224KB
Sample

221029-ygzeradahj
MD5

a3871d2bed91dfc720fa6453aa2d8560
SHA1

5c5580c85e0f2303299f58d6a558990ba8ffb7a4
SHA256

be6a90a017c356ff8754b14b4cc0bd3f35a74ba425e57f58bbcce0d7b30e15f4
SHA512

262e50bd7a956c9680ac7db5f7c4400a90297f71725f95a9af63a1f7b6bf92c0cd3033b0d7269e500ee086779692fc6a1a83007d9b2ea2decb346402fe0293c2
SSDEEP

3072:GkkKRwa70WkhCjG8G3GbGVGBGfGuGxGWYcrf6KadE:GkpRl0WkAYcD6Kad

Score

8^/10

Malware Config

Targets

- Target
  
  be6a90a017c356ff8754b14b4cc0bd3f35a74ba425e57f58bbcce0d7b30e15f4
- Size
  
  224KB
- MD5
  
  a3871d2bed91dfc720fa6453aa2d8560
- SHA1
  
  5c5580c85e0f2303299f58d6a558990ba8ffb7a4
- SHA256
  
  be6a90a017c356ff8754b14b4cc0bd3f35a74ba425e57f58bbcce0d7b30e15f4
- SHA512
  
  262e50bd7a956c9680ac7db5f7c4400a90297f71725f95a9af63a1f7b6bf92c0cd3033b0d7269e500ee086779692fc6a1a83007d9b2ea2decb346402fe0293c2
- SSDEEP
  
  3072:GkkKRwa70WkhCjG8G3GbGVGBGfGuGxGWYcrf6KadE:GkpRl0WkAYcD6Kad
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2