6e38cb7f0ab11a4910f748b2d3fe979a4f313a2d7a438b748f572cc08925cfae | Triage

Sharing

General

Target

6e38cb7f0ab11a4910f748b2d3fe979a4f313a2d7a438b748f572cc08925cfae
Size

2.0MB
Sample

221123-k1234ahh76
MD5

bc77718daa4a1e8fe117945c4b05d14e
SHA1

cc165e9b0ebe0d4e218b3cd4ec5a0ec73bb44b5c
SHA256

6e38cb7f0ab11a4910f748b2d3fe979a4f313a2d7a438b748f572cc08925cfae
SHA512

6ffc72bf5578745ba4d0cc94ec449f906a7f4b7b7c665f3e74959eaf50a1aa5acf3fc270a455e0f24946209a8fc9e93fdbba170d6de085032dd79af6ca895b92
SSDEEP

49152:/4YAUsSmeKf/dMyJ1JuUEiAk1rMsHndg1kFDTn:/4zULM/dtwt1kFDTn

Score

8^/10

Malware Config

Targets

- Target
  
  6e38cb7f0ab11a4910f748b2d3fe979a4f313a2d7a438b748f572cc08925cfae
- Size
  
  2.0MB
- MD5
  
  bc77718daa4a1e8fe117945c4b05d14e
- SHA1
  
  cc165e9b0ebe0d4e218b3cd4ec5a0ec73bb44b5c
- SHA256
  
  6e38cb7f0ab11a4910f748b2d3fe979a4f313a2d7a438b748f572cc08925cfae
- SHA512
  
  6ffc72bf5578745ba4d0cc94ec449f906a7f4b7b7c665f3e74959eaf50a1aa5acf3fc270a455e0f24946209a8fc9e93fdbba170d6de085032dd79af6ca895b92
- SSDEEP
  
  49152:/4YAUsSmeKf/dMyJ1JuUEiAk1rMsHndg1kFDTn:/4zULM/dtwt1kFDTn
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2