f54a6634069ddb8e2f278c679c070351e2e86323c7c98e50d2354fcabd050ede | Triage

Sharing

General

Target

f54a6634069ddb8e2f278c679c070351e2e86323c7c98e50d2354fcabd050ede
Size

471KB
Sample

221123-pxaxnacd76
MD5

7c46b3cca7d40383822924ed6554f1b3
SHA1

35a7dfa10d3bbd9846f3d0ae85cc0581cf78d8a3
SHA256

f54a6634069ddb8e2f278c679c070351e2e86323c7c98e50d2354fcabd050ede
SHA512

21e99b46f50449d145a7d162dd132da98963b27bdae1a8028286fffcb23c57758fff5c9e7e9dd3faa8d5412931b08fb10e40674d83bdba7bc3d05bf3e6b53b9a
SSDEEP

6144:Fmsyd7BspOWZ+Stxo3Gc2uqy3gu88mWCMpCRWFf2Kj+m+6XNbY7:xpO3StxwGc2c3tfmfsCRA22+m+8u

Score

8^/10

Malware Config

Targets

- Target
  
  f54a6634069ddb8e2f278c679c070351e2e86323c7c98e50d2354fcabd050ede
- Size
  
  471KB
- MD5
  
  7c46b3cca7d40383822924ed6554f1b3
- SHA1
  
  35a7dfa10d3bbd9846f3d0ae85cc0581cf78d8a3
- SHA256
  
  f54a6634069ddb8e2f278c679c070351e2e86323c7c98e50d2354fcabd050ede
- SHA512
  
  21e99b46f50449d145a7d162dd132da98963b27bdae1a8028286fffcb23c57758fff5c9e7e9dd3faa8d5412931b08fb10e40674d83bdba7bc3d05bf3e6b53b9a
- SSDEEP
  
  6144:Fmsyd7BspOWZ+Stxo3Gc2uqy3gu88mWCMpCRWFf2Kj+m+6XNbY7:xpO3StxwGc2c3tfmfsCRA22+m+8u
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2