c8107f20c2fbbe69aad464ed2163560caafe87d0693821e02066e807ff8a2f60 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8107f20c2fbbe69aad464ed2163560caafe87d0693821e02066e807ff8a2f60
Size

527KB
Sample

221121-nmxg8sge72
MD5

37621fadb2c958758a2dfc9837c8c8a0
SHA1

d5f2ceaae36dd7d3cc6397e4a08ecf8649b4b2ad
SHA256

c8107f20c2fbbe69aad464ed2163560caafe87d0693821e02066e807ff8a2f60
SHA512

e0d166faae0196973277a257f5847091a079cdfc65cf6efd5ce900c7ac0f5f22ad83884334f5d9e247199d8aafe0571b1db5167d67aeafebf87384b1ccbbda63
SSDEEP

12288:fpQN/7w3W2uyQOxwiAhZCgLPdlSS8FwlC5:fiNz+/93xMi4nSS8F

Score

8^/10

Malware Config

Targets

- Target
  
  c8107f20c2fbbe69aad464ed2163560caafe87d0693821e02066e807ff8a2f60
- Size
  
  527KB
- MD5
  
  37621fadb2c958758a2dfc9837c8c8a0
- SHA1
  
  d5f2ceaae36dd7d3cc6397e4a08ecf8649b4b2ad
- SHA256
  
  c8107f20c2fbbe69aad464ed2163560caafe87d0693821e02066e807ff8a2f60
- SHA512
  
  e0d166faae0196973277a257f5847091a079cdfc65cf6efd5ce900c7ac0f5f22ad83884334f5d9e247199d8aafe0571b1db5167d67aeafebf87384b1ccbbda63
- SSDEEP
  
  12288:fpQN/7w3W2uyQOxwiAhZCgLPdlSS8FwlC5:fiNz+/93xMi4nSS8F
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2