71b773b3acb91425a1c12cb0688b30cabaf6c7684d1d9cf8adee9cd8977aeccc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71b773b3acb91425a1c12cb0688b30cabaf6c7684d1d9cf8adee9cd8977aeccc
Size

2.0MB
Sample

221123-26rmzsbf34
MD5

7061d52e07d41a5104ff28ecf87b3cce
SHA1

bdde3bced2af620749e502b1b299923cd053eaea
SHA256

71b773b3acb91425a1c12cb0688b30cabaf6c7684d1d9cf8adee9cd8977aeccc
SHA512

8410af8e52fe650ea2d7f297bffe2c6f0728f775c26483821ac90842b62342348764e042565bf5d81116107042b88de8b6d3d585b2e5f8ce655bef53bb8c0204
SSDEEP

49152:MCjQQ4KUiKwhtxZrd3XKp14+e/D06dc+Ar:M3KUAV7HS0Q1r

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  71b773b3acb91425a1c12cb0688b30cabaf6c7684d1d9cf8adee9cd8977aeccc
- Size
  
  2.0MB
- MD5
  
  7061d52e07d41a5104ff28ecf87b3cce
- SHA1
  
  bdde3bced2af620749e502b1b299923cd053eaea
- SHA256
  
  71b773b3acb91425a1c12cb0688b30cabaf6c7684d1d9cf8adee9cd8977aeccc
- SHA512
  
  8410af8e52fe650ea2d7f297bffe2c6f0728f775c26483821ac90842b62342348764e042565bf5d81116107042b88de8b6d3d585b2e5f8ce655bef53bb8c0204
- SSDEEP
  
  49152:MCjQQ4KUiKwhtxZrd3XKp14+e/D06dc+Ar:M3KUAV7HS0Q1r
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2