f501d985e533c2abd4685257b28b939c925fd67c927f14f967a3a78a0e119b86 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f501d985e533c2abd4685257b28b939c925fd67c927f14f967a3a78a0e119b86
Size

20KB
Sample

221030-ntz7pshce3
MD5

a2e02effd1c73d44f08e861d6efa31c0
SHA1

d01024775b6d92926b71f26a8fe7bfae31bc0687
SHA256

f501d985e533c2abd4685257b28b939c925fd67c927f14f967a3a78a0e119b86
SHA512

75a6dcde26aa15888c45123b68cae7f4dcd78773a81f4db4ba1a9e731896cfc5f4e1978c236b932024853f66e40bd31f7d4a26b480cdc766175cd4b6ec65e19e
SSDEEP

384:IbRmmOIt0K/vDxbwpgDi7ZtCtY8alJZjLzu0h9kxCI:IbRmUvDX23RZjLsCI

Score

8^/10

Malware Config

Targets

- Target
  
  f501d985e533c2abd4685257b28b939c925fd67c927f14f967a3a78a0e119b86
- Size
  
  20KB
- MD5
  
  a2e02effd1c73d44f08e861d6efa31c0
- SHA1
  
  d01024775b6d92926b71f26a8fe7bfae31bc0687
- SHA256
  
  f501d985e533c2abd4685257b28b939c925fd67c927f14f967a3a78a0e119b86
- SHA512
  
  75a6dcde26aa15888c45123b68cae7f4dcd78773a81f4db4ba1a9e731896cfc5f4e1978c236b932024853f66e40bd31f7d4a26b480cdc766175cd4b6ec65e19e
- SSDEEP
  
  384:IbRmmOIt0K/vDxbwpgDi7ZtCtY8alJZjLzu0h9kxCI:IbRmUvDX23RZjLsCI
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2