df65b0462e9733c299ea896850e0b8300d421a95e66177b26177b17d8e4d81f4 | Triage

Sharing

General

Target

DF65B0462E9733C299EA896850E0B8300D421A95E66177B26177B17D8E4D81F4
Size

531KB
Sample

221123-r16jvaaa89
MD5

8a970b7fd19f96c08aa6cdc3a2555e15
SHA1

4f0a402d4d8363579ecbc5c4555d526b9c86d789
SHA256

df65b0462e9733c299ea896850e0b8300d421a95e66177b26177b17d8e4d81f4
SHA512

082c28d41beaff7c97db1e86bf87f084d7d7cb309cc3b5ac21482e059ab3872cda0149bdfcc0ff8ca92cca4ea1a0409103f0354fb6b1dd294deea2e83562b0fa
SSDEEP

768:J3efqfyq4eCeh7GZyUwgW1HR3Oi/6eX7aZ0dGonHZjX38dsQn/WfO:Vvf+e7hh1hlCWd7n1c2i

Score

7^/10

Malware Config

Targets

- Target
  
  CMP_INSUM1056.exe
- Size
  
  500.1MB
- MD5
  
  acd01714e3836d6f49c34d103bcead06
- SHA1
  
  ecc28c1eff2e37edfed50127b3bcc8237d4001c7
- SHA256
  
  8d6bd51ded882f8ada6aad7dbcd38e0a6c01b8f2914ccfea4f836d4d030dcf64
- SHA512
  
  dd09f10ec1b5f130e99a2984c32d6a99e121368952b09e9ca38fd3d11f323dc1690099eecfb1c2a79e1b74de64f006977a4bf4842b27435f58960ddc7b33a5ad
- SSDEEP
  
  1536:rOs6A5IscDvkc0yjPSKFFneIIpsbbPOalcS/MNObZP:rOs6dDl/IpsbbPOalOwZP
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2