db1d07603e7325f83f6718444b4570a30694db1e04c55aebedacb1281069cc46 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db1d07603e7325f83f6718444b4570a30694db1e04c55aebedacb1281069cc46
Size

217KB
Sample

221121-rxqdfsdg25
MD5

104fe702fc75c259211937de53b30560
SHA1

55a2fc1fa8741f4b8c79d5b24d0b73a34e95be5f
SHA256

db1d07603e7325f83f6718444b4570a30694db1e04c55aebedacb1281069cc46
SHA512

82675d020dbf89eb995ff7ffd7f58faa32747f13d546261e3b43f8fda0d682e2b24bd8a5626f4903c7cb8d94c13e73006460697a9916d3046780e76e75ceeb3a
SSDEEP

6144:qw8bgKZh/N1tJsGX9l9dZwIqo3RoyFvHMBP6sgH7yy:qw80KZh/N1tJwIrKydH2P67yy

Score

8^/10

Malware Config

Targets

- Target
  
  db1d07603e7325f83f6718444b4570a30694db1e04c55aebedacb1281069cc46
- Size
  
  217KB
- MD5
  
  104fe702fc75c259211937de53b30560
- SHA1
  
  55a2fc1fa8741f4b8c79d5b24d0b73a34e95be5f
- SHA256
  
  db1d07603e7325f83f6718444b4570a30694db1e04c55aebedacb1281069cc46
- SHA512
  
  82675d020dbf89eb995ff7ffd7f58faa32747f13d546261e3b43f8fda0d682e2b24bd8a5626f4903c7cb8d94c13e73006460697a9916d3046780e76e75ceeb3a
- SSDEEP
  
  6144:qw8bgKZh/N1tJsGX9l9dZwIqo3RoyFvHMBP6sgH7yy:qw80KZh/N1tJwIrKydH2P67yy
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2