3aaf9ca68b5e32cd0b97814b6fd122b30d95cc80588312d1104ef3d2fd6c2e6d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3aaf9ca68b5e32cd0b97814b6fd122b30d95cc80588312d1104ef3d2fd6c2e6d
Size

23KB
Sample

221030-g2bqragdcj
MD5

83e55a96ee461b8a9c6044baa9213fb0
SHA1

aa7bf7010999c9ccd46bde9507248971d142e504
SHA256

3aaf9ca68b5e32cd0b97814b6fd122b30d95cc80588312d1104ef3d2fd6c2e6d
SHA512

a1732504239dcc5d895b3890df54009e22e707084c2eeb2fc4cba09adb9db55ba44aa00e455613a180abd55e78134a1dd5f932312cec65d5a3b90ab80ce9802d
SSDEEP

384:Lzz3qWcd5DUVQQZM+JKcCNwU1Mf9Yl4ynIs3y/ciQlTA0tp:nz3qWc7RY1JgNwmZlj3T+0j

Score

8^/10

Malware Config

Targets

- Target
  
  3aaf9ca68b5e32cd0b97814b6fd122b30d95cc80588312d1104ef3d2fd6c2e6d
- Size
  
  23KB
- MD5
  
  83e55a96ee461b8a9c6044baa9213fb0
- SHA1
  
  aa7bf7010999c9ccd46bde9507248971d142e504
- SHA256
  
  3aaf9ca68b5e32cd0b97814b6fd122b30d95cc80588312d1104ef3d2fd6c2e6d
- SHA512
  
  a1732504239dcc5d895b3890df54009e22e707084c2eeb2fc4cba09adb9db55ba44aa00e455613a180abd55e78134a1dd5f932312cec65d5a3b90ab80ce9802d
- SSDEEP
  
  384:Lzz3qWcd5DUVQQZM+JKcCNwU1Mf9Yl4ynIs3y/ciQlTA0tp:nz3qWc7RY1JgNwmZlj3T+0j
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2