c544277c6def6315311ed17416ed836fce0b1aa99c88c78ca605014ca1597bb0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c544277c6def6315311ed17416ed836fce0b1aa99c88c78ca605014ca1597bb0
Size

2.6MB
Sample

221106-nfheqsbeer
MD5

e00d3e6e64282b60ee0e16d261ec0882
SHA1

26462a7da371a5d306984886a5bbea5aa90b7f50
SHA256

c544277c6def6315311ed17416ed836fce0b1aa99c88c78ca605014ca1597bb0
SHA512

030a83f43ce70189f25f94c81dbf4d2d174c0e3447cf67fddd9c330f361e5d86b1407d5ed64f28c091638798f7432b04d68edfd6f1c5eb0d3b411ed7adbdfffa
SSDEEP

24576:SeFsQe+8WxA+HWWwbxMeN3CRw56SUzoggrrB6SAHoEkFF/Q6dDswUhmwB3hPxM0R:4Qf7OsSQkFn/U5BxpHl5MsxTKVfW

Score

8^/10

Malware Config

Targets

- Target
  
  c544277c6def6315311ed17416ed836fce0b1aa99c88c78ca605014ca1597bb0
- Size
  
  2.6MB
- MD5
  
  e00d3e6e64282b60ee0e16d261ec0882
- SHA1
  
  26462a7da371a5d306984886a5bbea5aa90b7f50
- SHA256
  
  c544277c6def6315311ed17416ed836fce0b1aa99c88c78ca605014ca1597bb0
- SHA512
  
  030a83f43ce70189f25f94c81dbf4d2d174c0e3447cf67fddd9c330f361e5d86b1407d5ed64f28c091638798f7432b04d68edfd6f1c5eb0d3b411ed7adbdfffa
- SSDEEP
  
  24576:SeFsQe+8WxA+HWWwbxMeN3CRw56SUzoggrrB6SAHoEkFF/Q6dDswUhmwB3hPxM0R:4Qf7OsSQkFn/U5BxpHl5MsxTKVfW
Score

8^/10
- Drops file in Drivers directory
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2