80aa98fea0db302f362d90f4bb4d97f076d6d273d9dd656208782448929582a8 | Triage

Sharing

General

Target

80aa98fea0db302f362d90f4bb4d97f076d6d273d9dd656208782448929582a8
Size

200KB
Sample

221107-n9axrahcan
MD5

0e619d519a02016e2c7f3402f9e67910
SHA1

2ffe7ce1fe71015ce32601ec0bca1622e8d6c7fe
SHA256

80aa98fea0db302f362d90f4bb4d97f076d6d273d9dd656208782448929582a8
SHA512

e1d955f8219ff089f66b73ac1f853f581a7ed40aee64cb92aa263c759ee302611bfd31d14b937c0e492ffa2c6c36866c185fe9e9876d21e19f0f57f8679e4c3f
SSDEEP

3072:DVmZWXyaiedMbrN6pnoXvBsZV1NQKPWDyDReScJltZrpRqCTg:BSNaPM4loQNSDyDREthpg

Score

8^/10

Malware Config

Targets

- Target
  
  80aa98fea0db302f362d90f4bb4d97f076d6d273d9dd656208782448929582a8
- Size
  
  200KB
- MD5
  
  0e619d519a02016e2c7f3402f9e67910
- SHA1
  
  2ffe7ce1fe71015ce32601ec0bca1622e8d6c7fe
- SHA256
  
  80aa98fea0db302f362d90f4bb4d97f076d6d273d9dd656208782448929582a8
- SHA512
  
  e1d955f8219ff089f66b73ac1f853f581a7ed40aee64cb92aa263c759ee302611bfd31d14b937c0e492ffa2c6c36866c185fe9e9876d21e19f0f57f8679e4c3f
- SSDEEP
  
  3072:DVmZWXyaiedMbrN6pnoXvBsZV1NQKPWDyDReScJltZrpRqCTg:BSNaPM4loQNSDyDREthpg
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2