ab75d9d8e4b52134acab777b1d4c927e3ca82891d1d5db505875273cf3ccd2f1 | Triage

Sharing

General

Target

ab75d9d8e4b52134acab777b1d4c927e3ca82891d1d5db505875273cf3ccd2f1
Size

284KB
Sample

221107-lf16qscbhl
MD5

0f540cf32edfe89f34e17f7aefb89dec
SHA1

a50b24b4745dde782f6c2ac16f075501f6d3bcf0
SHA256

ab75d9d8e4b52134acab777b1d4c927e3ca82891d1d5db505875273cf3ccd2f1
SHA512

ef1547041067b6e5e8c5383f1ad56669d5f44d67db959e5dc884ce7f4218b96232797e01f74e0aa60874045c5f550ca4b7b112d5aa7bcda8e7db203d0b7c5d6b
SSDEEP

6144:kVkX4m5Cld3Lbii5bkgVuN+xSKV7Wkrsf7LsZX/eLL:mkomglJXikbkgaISKV5X/eP

Score

8^/10

Malware Config

Targets

- Target
  
  ab75d9d8e4b52134acab777b1d4c927e3ca82891d1d5db505875273cf3ccd2f1
- Size
  
  284KB
- MD5
  
  0f540cf32edfe89f34e17f7aefb89dec
- SHA1
  
  a50b24b4745dde782f6c2ac16f075501f6d3bcf0
- SHA256
  
  ab75d9d8e4b52134acab777b1d4c927e3ca82891d1d5db505875273cf3ccd2f1
- SHA512
  
  ef1547041067b6e5e8c5383f1ad56669d5f44d67db959e5dc884ce7f4218b96232797e01f74e0aa60874045c5f550ca4b7b112d5aa7bcda8e7db203d0b7c5d6b
- SSDEEP
  
  6144:kVkX4m5Cld3Lbii5bkgVuN+xSKV7Wkrsf7LsZX/eLL:mkomglJXikbkgaISKV5X/eP
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2