1d7d891d56b2eb848a7ed15272197aeabb0235e5dfb89a74b93d19e45eb82f89 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1d7d891d56b2eb848a7ed15272197aeabb0235e5dfb89a74b93d19e45eb82f89
Size

6.1MB
Sample

221101-bentxaegc6
MD5

b6c3c24ef82334f03d1f327425c24cca
SHA1

0ce5d0f630ac8e974948bb79c75cfc6d2af4ec23
SHA256

1d7d891d56b2eb848a7ed15272197aeabb0235e5dfb89a74b93d19e45eb82f89
SHA512

e00ae88cc9fc46eb56dd97eb1fd06010f24f9dfd3a04e9d0d98317c2fe46f333b31091f182c649b0d44f3337b5a427aec447a4904386e0b633c3d0e401598a99
SSDEEP

98304:7FjmMnkvdYU5sLlpfQzAnpcDL21C0VNO1G0Ov9fGrBAWABE9dua/hQxOX+xQLo:9Bkv0gLDKCYkG0w5GtAWABY8a5QxOlL

Score

8^/10

Malware Config

Targets

- Target
  
  1d7d891d56b2eb848a7ed15272197aeabb0235e5dfb89a74b93d19e45eb82f89
- Size
  
  6.1MB
- MD5
  
  b6c3c24ef82334f03d1f327425c24cca
- SHA1
  
  0ce5d0f630ac8e974948bb79c75cfc6d2af4ec23
- SHA256
  
  1d7d891d56b2eb848a7ed15272197aeabb0235e5dfb89a74b93d19e45eb82f89
- SHA512
  
  e00ae88cc9fc46eb56dd97eb1fd06010f24f9dfd3a04e9d0d98317c2fe46f333b31091f182c649b0d44f3337b5a427aec447a4904386e0b633c3d0e401598a99
- SSDEEP
  
  98304:7FjmMnkvdYU5sLlpfQzAnpcDL21C0VNO1G0Ov9fGrBAWABE9dua/hQxOX+xQLo:9Bkv0gLDKCYkG0w5GtAWABY8a5QxOlL
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1