3a5f5378c92c0f3c7de4aa8963b24ac8fe77240bc5129bba1f6b19c246d9abdf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a5f5378c92c0f3c7de4aa8963b24ac8fe77240bc5129bba1f6b19c246d9abdf
Size

600KB
Sample

221030-eqm9asceak
MD5

a322694155a80d73f15fe455856a2761
SHA1

b8b2a706c54d5e0347da913e33e8f3928993d632
SHA256

3a5f5378c92c0f3c7de4aa8963b24ac8fe77240bc5129bba1f6b19c246d9abdf
SHA512

09c1a13d60c6fef32c49d9764e97d885363d5ef106f0eb5eb700f145ab310bae970cab015d3cef22db9cb1b1ae29d5f845a7932bb6ceab03ddc74e2ad2386f4a
SSDEEP

12288:i78ByWqjMd2TgDc66CVE8rObc/2izosb5u6uWeZUdE+pznUa+:EsyWqjxgDc6YoObcdoWE/jUdE+pDUa+

Score

8^/10

Malware Config

Targets

- Target
  
  3a5f5378c92c0f3c7de4aa8963b24ac8fe77240bc5129bba1f6b19c246d9abdf
- Size
  
  600KB
- MD5
  
  a322694155a80d73f15fe455856a2761
- SHA1
  
  b8b2a706c54d5e0347da913e33e8f3928993d632
- SHA256
  
  3a5f5378c92c0f3c7de4aa8963b24ac8fe77240bc5129bba1f6b19c246d9abdf
- SHA512
  
  09c1a13d60c6fef32c49d9764e97d885363d5ef106f0eb5eb700f145ab310bae970cab015d3cef22db9cb1b1ae29d5f845a7932bb6ceab03ddc74e2ad2386f4a
- SSDEEP
  
  12288:i78ByWqjMd2TgDc66CVE8rObc/2izosb5u6uWeZUdE+pznUa+:EsyWqjxgDc6YoObcdoWE/jUdE+pDUa+
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2