84ade438ef66e6771445a3cc4fabf779aa6883ea01c39e99b2e0134defcc51ab | Triage

Sharing

General

Target

84ade438ef66e6771445a3cc4fabf779aa6883ea01c39e99b2e0134defcc51ab
Size

84KB
Sample

221123-lm4v7sfb91
MD5

33e70b85a6b35f3dc4cfa5810572c728
SHA1

2ea035b18b318feb303d86884fecf7fb474ed8e8
SHA256

84ade438ef66e6771445a3cc4fabf779aa6883ea01c39e99b2e0134defcc51ab
SHA512

82bb5628f52551d87b743ea1b1e58bf7df363a447a4a1806e6cd9dc377a0671100d14232df239cdf4955f46f9729d817f748cbb5af992f0a6090fb25be61d016
SSDEEP

1536:Tz2LOAmYhzihenoFV8pcr3XQtHeddSJ/M+/bbQ5sXHxmHpTrTytTKmIaaaM/8aav:Tz2LOAjQen0Ete4/Z/bbU6RkgNIaaaN/

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  84ade438ef66e6771445a3cc4fabf779aa6883ea01c39e99b2e0134defcc51ab
- Size
  
  84KB
- MD5
  
  33e70b85a6b35f3dc4cfa5810572c728
- SHA1
  
  2ea035b18b318feb303d86884fecf7fb474ed8e8
- SHA256
  
  84ade438ef66e6771445a3cc4fabf779aa6883ea01c39e99b2e0134defcc51ab
- SHA512
  
  82bb5628f52551d87b743ea1b1e58bf7df363a447a4a1806e6cd9dc377a0671100d14232df239cdf4955f46f9729d817f748cbb5af992f0a6090fb25be61d016
- SSDEEP
  
  1536:Tz2LOAmYhzihenoFV8pcr3XQtHeddSJ/M+/bbQ5sXHxmHpTrTytTKmIaaaM/8aav:Tz2LOAjQen0Ete4/Z/bbU6RkgNIaaaN/
Score

8^/10

evasion
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2