bfd0cddf2f6242efe309cd52a256ba471e3ffd962fbbc73370121a8ea17dc009 | Triage

Sharing

General

Target

bfd0cddf2f6242efe309cd52a256ba471e3ffd962fbbc73370121a8ea17dc009
Size

471KB
Sample

221123-qf1bnadh62
MD5

fbed12d69b26ccb21e5d26a16cea5453
SHA1

587b43d4db27be5863081b5feb4172fccc5a2ea7
SHA256

bfd0cddf2f6242efe309cd52a256ba471e3ffd962fbbc73370121a8ea17dc009
SHA512

ca8190652bbd523c0d14960df8b1b3071c17dd8177545f408f35c37b1d4c0a980b3cef71bb807904576f558f3d0c32d6808a96ac69a804fe2a83ba5adff1d7f6
SSDEEP

6144:Nmsyd7BspOWZ+Stxo3Gc2uqy3gu88mWCMpCRWFf2Kj+m+6XjY1:5pO3StxwGc2c3tfmfsCRA22+m+8a

Score

8^/10

Malware Config

Targets

- Target
  
  bfd0cddf2f6242efe309cd52a256ba471e3ffd962fbbc73370121a8ea17dc009
- Size
  
  471KB
- MD5
  
  fbed12d69b26ccb21e5d26a16cea5453
- SHA1
  
  587b43d4db27be5863081b5feb4172fccc5a2ea7
- SHA256
  
  bfd0cddf2f6242efe309cd52a256ba471e3ffd962fbbc73370121a8ea17dc009
- SHA512
  
  ca8190652bbd523c0d14960df8b1b3071c17dd8177545f408f35c37b1d4c0a980b3cef71bb807904576f558f3d0c32d6808a96ac69a804fe2a83ba5adff1d7f6
- SSDEEP
  
  6144:Nmsyd7BspOWZ+Stxo3Gc2uqy3gu88mWCMpCRWFf2Kj+m+6XjY1:5pO3StxwGc2c3tfmfsCRA22+m+8a
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2