e189e3b180a57841409f91968328f2d6617cd80e3fbe2d94f0f5b603cdb5c518 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e189e3b180a57841409f91968328f2d6617cd80e3fbe2d94f0f5b603cdb5c518
Size

519KB
Sample

221107-z2c8pahgc7
MD5

0f4d09a6ab0b74402698c59957a7a990
SHA1

35858519cf0d4e5ded95d6920e914e32bc98fb2f
SHA256

e189e3b180a57841409f91968328f2d6617cd80e3fbe2d94f0f5b603cdb5c518
SHA512

a15a8a81e944b44dc830228571076f7d937e37ed0dc904374eb22151dc5295c7fc5f39ec8dd55d2cc9077cb3f5ba222859c302e8859b8ccc136d70572275eabb
SSDEEP

3072:AX+0mFmIgvo4iZhha5rEaoL81iGq1bQdpt4zlsWjO+HbnmZGiWIySyUyygujBbKH:NHFU6hg5rEasqdpuzfjR7neGiGSeujQH

Score

8^/10

Malware Config

Targets

- Target
  
  e189e3b180a57841409f91968328f2d6617cd80e3fbe2d94f0f5b603cdb5c518
- Size
  
  519KB
- MD5
  
  0f4d09a6ab0b74402698c59957a7a990
- SHA1
  
  35858519cf0d4e5ded95d6920e914e32bc98fb2f
- SHA256
  
  e189e3b180a57841409f91968328f2d6617cd80e3fbe2d94f0f5b603cdb5c518
- SHA512
  
  a15a8a81e944b44dc830228571076f7d937e37ed0dc904374eb22151dc5295c7fc5f39ec8dd55d2cc9077cb3f5ba222859c302e8859b8ccc136d70572275eabb
- SSDEEP
  
  3072:AX+0mFmIgvo4iZhha5rEaoL81iGq1bQdpt4zlsWjO+HbnmZGiWIySyUyygujBbKH:NHFU6hg5rEasqdpuzfjR7neGiGSeujQH
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2