6e017ad08ae60eee198da28f403fba4ed94efdbc95b255813cec60f596bf6d11 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6e017ad08ae60eee198da28f403fba4ed94efdbc95b255813cec60f596bf6d11
Size

674KB
Sample

221106-ftz8psdff8
MD5

3e5fa350e4c803c1bcda1dacb47ba810
SHA1

b8ef5c1f68721a3c02e4a91c4e2ea36dc8740fc6
SHA256

6e017ad08ae60eee198da28f403fba4ed94efdbc95b255813cec60f596bf6d11
SHA512

7f4092729b8889af01bdf4e9a2504a5d28fad67289ddbc77d12c9b3f3556855b13f54e7016e9b8e56e85ffd3f5ea0304d11c3c32bc695847edc0bf77755c9812
SSDEEP

12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y

Score

8^/10

Malware Config

Targets

- Target
  
  6e017ad08ae60eee198da28f403fba4ed94efdbc95b255813cec60f596bf6d11
- Size
  
  674KB
- MD5
  
  3e5fa350e4c803c1bcda1dacb47ba810
- SHA1
  
  b8ef5c1f68721a3c02e4a91c4e2ea36dc8740fc6
- SHA256
  
  6e017ad08ae60eee198da28f403fba4ed94efdbc95b255813cec60f596bf6d11
- SHA512
  
  7f4092729b8889af01bdf4e9a2504a5d28fad67289ddbc77d12c9b3f3556855b13f54e7016e9b8e56e85ffd3f5ea0304d11c3c32bc695847edc0bf77755c9812
- SSDEEP
  
  12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2