abb2632d6fe9d55c6a7c689b7dc316172c6f9eb4a9669996b9f4bea599e40083 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abb2632d6fe9d55c6a7c689b7dc316172c6f9eb4a9669996b9f4bea599e40083
Size

961KB
Sample

221107-h5htxagbcp
MD5

3fe0054b47d0bd4b0fb39a302b142a11
SHA1

b1f6ebfef561a1ec79e4347a1b0164644af73497
SHA256

abb2632d6fe9d55c6a7c689b7dc316172c6f9eb4a9669996b9f4bea599e40083
SHA512

aa5c82ff81216d8f427260747178f9078e51cdd0cfa45bb1412ed34bffc54087bd728c7e0a4b1d123a49a560fa91e70d26010947e7216ac4e82d61a55bb61408
SSDEEP

24576:mf3TTlLntrOdKR090QOer7GDdKq/5QEqyCNZF2:03OgRtvc6Bo2

Score

8^/10

Malware Config

Targets

- Target
  
  abb2632d6fe9d55c6a7c689b7dc316172c6f9eb4a9669996b9f4bea599e40083
- Size
  
  961KB
- MD5
  
  3fe0054b47d0bd4b0fb39a302b142a11
- SHA1
  
  b1f6ebfef561a1ec79e4347a1b0164644af73497
- SHA256
  
  abb2632d6fe9d55c6a7c689b7dc316172c6f9eb4a9669996b9f4bea599e40083
- SHA512
  
  aa5c82ff81216d8f427260747178f9078e51cdd0cfa45bb1412ed34bffc54087bd728c7e0a4b1d123a49a560fa91e70d26010947e7216ac4e82d61a55bb61408
- SSDEEP
  
  24576:mf3TTlLntrOdKR090QOer7GDdKq/5QEqyCNZF2:03OgRtvc6Bo2
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2