87f5f1c88e961e3014a16d64ca95a3d81dffb8c8db05009ee547b46b41a70434 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

87f5f1c88e961e3014a16d64ca95a3d81dffb8c8db05009ee547b46b41a70434
Size

200KB
Sample

221107-eajk6sfcg5
MD5

04679e12f846eaeb8840652c47192d15
SHA1

2f27ecdd38057ec339847395aed8512bf86f248d
SHA256

87f5f1c88e961e3014a16d64ca95a3d81dffb8c8db05009ee547b46b41a70434
SHA512

e8dad5048e6701e19d0838976b2a73d7241dbcb0c2b16c555633724bc5534934ad99fb3c2d210a74c7ce3aede2d0bab26e1c8392d00faf133acc85a0928723a8
SSDEEP

3072:/AJwq5/Y93y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmSNS4SQ8:8wUg93yGFInRO

Score

8^/10

Malware Config

Targets

- Target
  
  87f5f1c88e961e3014a16d64ca95a3d81dffb8c8db05009ee547b46b41a70434
- Size
  
  200KB
- MD5
  
  04679e12f846eaeb8840652c47192d15
- SHA1
  
  2f27ecdd38057ec339847395aed8512bf86f248d
- SHA256
  
  87f5f1c88e961e3014a16d64ca95a3d81dffb8c8db05009ee547b46b41a70434
- SHA512
  
  e8dad5048e6701e19d0838976b2a73d7241dbcb0c2b16c555633724bc5534934ad99fb3c2d210a74c7ce3aede2d0bab26e1c8392d00faf133acc85a0928723a8
- SSDEEP
  
  3072:/AJwq5/Y93y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmSNS4SQ8:8wUg93yGFInRO
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2