9b1a1daf8154b063a38af551c4276c72644fa3dfe38b260d3cef9401443225bf | Triage

Sharing

General

Target

9b1a1daf8154b063a38af551c4276c72644fa3dfe38b260d3cef9401443225bf
Size

471KB
Sample

221123-qt9ggseh56
MD5

a6f3ad124c97a5d3a444c00ffd0b225f
SHA1

c4b9dea56fbe3a3921b2be7ccfc33d2ebe9b2ebf
SHA256

9b1a1daf8154b063a38af551c4276c72644fa3dfe38b260d3cef9401443225bf
SHA512

6b3089f83977245087fcf5d43c82944c60eac3d4d2f863a6b88bca5ae5355b09fdefaf4fbee7a95f10de43391d6670665f8547616376ecc54b4a831ffe028efe
SSDEEP

6144:Fmsyd7BspOWZ+Stxo3Gc2uqy3gu88mWCMpCRWFf2Kj+m+6XNbYw:xpO3StxwGc2c3tfmfsCRA22+m+8V

Score

8^/10

Malware Config

Targets

- Target
  
  9b1a1daf8154b063a38af551c4276c72644fa3dfe38b260d3cef9401443225bf
- Size
  
  471KB
- MD5
  
  a6f3ad124c97a5d3a444c00ffd0b225f
- SHA1
  
  c4b9dea56fbe3a3921b2be7ccfc33d2ebe9b2ebf
- SHA256
  
  9b1a1daf8154b063a38af551c4276c72644fa3dfe38b260d3cef9401443225bf
- SHA512
  
  6b3089f83977245087fcf5d43c82944c60eac3d4d2f863a6b88bca5ae5355b09fdefaf4fbee7a95f10de43391d6670665f8547616376ecc54b4a831ffe028efe
- SSDEEP
  
  6144:Fmsyd7BspOWZ+Stxo3Gc2uqy3gu88mWCMpCRWFf2Kj+m+6XNbYw:xpO3StxwGc2c3tfmfsCRA22+m+8V
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2