26bd8eb8f9c7284710e6adc8f15c5aa692167b35464a3df7cf13a52fa50e14c7 | Triage

Sharing

General

Target

26bd8eb8f9c7284710e6adc8f15c5aa692167b35464a3df7cf13a52fa50e14c7
Size

872KB
Sample

221106-d7j3jabaa6
MD5

108deb435d73d5c48c44772369afc220
SHA1

19b8fba12ec6a31c48288ffbb4692e2a14f4ccf9
SHA256

26bd8eb8f9c7284710e6adc8f15c5aa692167b35464a3df7cf13a52fa50e14c7
SHA512

448994c2841f4e4669a5dbf22d1675c036a99f262bd98c7a685049700cefd2854ba0f3108770bce821412d6ef498b24d51b6876c8fd2ef650cbfe4029c2023ef
SSDEEP

6144:l8XXRUw9Oz5+iUPO4RJtvRx7HfnSzObtkLo5vOFTaLTGu0yvHcr+:unRy+vvtHfRVxOFuPyAHcq

Score

8^/10

Malware Config

Targets

- Target
  
  26bd8eb8f9c7284710e6adc8f15c5aa692167b35464a3df7cf13a52fa50e14c7
- Size
  
  872KB
- MD5
  
  108deb435d73d5c48c44772369afc220
- SHA1
  
  19b8fba12ec6a31c48288ffbb4692e2a14f4ccf9
- SHA256
  
  26bd8eb8f9c7284710e6adc8f15c5aa692167b35464a3df7cf13a52fa50e14c7
- SHA512
  
  448994c2841f4e4669a5dbf22d1675c036a99f262bd98c7a685049700cefd2854ba0f3108770bce821412d6ef498b24d51b6876c8fd2ef650cbfe4029c2023ef
- SSDEEP
  
  6144:l8XXRUw9Oz5+iUPO4RJtvRx7HfnSzObtkLo5vOFTaLTGu0yvHcr+:unRy+vvtHfRVxOFuPyAHcq
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2