8a3b6b9f22ffa8f61a095f6f95b85caa91ebe1811e06d55ca8b2413d1afa43b3 | Triage

Sharing

General

Target

8a3b6b9f22ffa8f61a095f6f95b85caa91ebe1811e06d55ca8b2413d1afa43b3
Size

18KB
Sample

221106-j4rwvsdgbl
MD5

0a6ef0779b91000bc5c1a84b4843f3b0
SHA1

ffacae95ce6ccf791688bacccb99c8b07f44cabb
SHA256

8a3b6b9f22ffa8f61a095f6f95b85caa91ebe1811e06d55ca8b2413d1afa43b3
SHA512

0027b2d3a8549ca5077005db0b7685c3de8648541ef343e08137ae741b9d09b3d7015c4d60165d80a8924c17f1da0e088d6ad8191f4b876bbe41a047a34b6b18
SSDEEP

192:Mcbkdw86m00Q96odRNyCiq/xEDvJ5Ao5iFVpUX7ZUSoQkC4duC8ffb1Ettz:BkSnmQgodRN5iqEDvTwFVm91kChhEttz

Score

8^/10

Malware Config

Targets

- Target
  
  8a3b6b9f22ffa8f61a095f6f95b85caa91ebe1811e06d55ca8b2413d1afa43b3
- Size
  
  18KB
- MD5
  
  0a6ef0779b91000bc5c1a84b4843f3b0
- SHA1
  
  ffacae95ce6ccf791688bacccb99c8b07f44cabb
- SHA256
  
  8a3b6b9f22ffa8f61a095f6f95b85caa91ebe1811e06d55ca8b2413d1afa43b3
- SHA512
  
  0027b2d3a8549ca5077005db0b7685c3de8648541ef343e08137ae741b9d09b3d7015c4d60165d80a8924c17f1da0e088d6ad8191f4b876bbe41a047a34b6b18
- SSDEEP
  
  192:Mcbkdw86m00Q96odRNyCiq/xEDvJ5Ao5iFVpUX7ZUSoQkC4duC8ffb1Ettz:BkSnmQgodRN5iqEDvTwFVm91kChhEttz
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2