8f45656097fca42ad2fc7a5563bee888c728deba50d9e3eb774f45e548e692ec | Triage

Sharing

General

Target

8f45656097fca42ad2fc7a5563bee888c728deba50d9e3eb774f45e548e692ec
Size

14KB
Sample

221107-nw4ynsgehj
MD5

048c6338f3bb1a7891a9b426c29c3620
SHA1

191ca600c94a228ba0716ba72db18d2c85471798
SHA256

8f45656097fca42ad2fc7a5563bee888c728deba50d9e3eb774f45e548e692ec
SHA512

a0310e4bf437cb2db1b762ae36d28b047aef384c7aa548e241520bd01716da3d7ea5547de04d05d46cad5242969769c5117f3dbb39ecc17e8adc932d70647d54
SSDEEP

192:1NAtZlapNx2/znB49btUwTEmN2J8Cl1oynPJPbwgzmXOA/RUSo9LpaT:1NIzB/LB6fil1FRbNz7AJ9o9LpO

Score

8^/10

Malware Config

Targets

- Target
  
  8f45656097fca42ad2fc7a5563bee888c728deba50d9e3eb774f45e548e692ec
- Size
  
  14KB
- MD5
  
  048c6338f3bb1a7891a9b426c29c3620
- SHA1
  
  191ca600c94a228ba0716ba72db18d2c85471798
- SHA256
  
  8f45656097fca42ad2fc7a5563bee888c728deba50d9e3eb774f45e548e692ec
- SHA512
  
  a0310e4bf437cb2db1b762ae36d28b047aef384c7aa548e241520bd01716da3d7ea5547de04d05d46cad5242969769c5117f3dbb39ecc17e8adc932d70647d54
- SSDEEP
  
  192:1NAtZlapNx2/znB49btUwTEmN2J8Cl1oynPJPbwgzmXOA/RUSo9LpaT:1NIzB/LB6fil1FRbNz7AJ9o9LpO
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2