3863b1d1e103fb257b83dcc7ce6a252d8a970029606e024db0508097d452e6ae | Triage

Sharing

General

Target

3863b1d1e103fb257b83dcc7ce6a252d8a970029606e024db0508097d452e6ae
Size

1.8MB
Sample

221123-rxxgrshg55
MD5

dd486af62e1a1594fa7e12f42722a1bf
SHA1

ff40327f64feab19c41debd12b65d1b7913ae6f2
SHA256

3863b1d1e103fb257b83dcc7ce6a252d8a970029606e024db0508097d452e6ae
SHA512

d29c67e80aeaae5ea19c08a2c2505cb05821606ffb07aa8862010e5bf859185682b449ca04464496e9e85093886911d1d85100c04ac2529f0ebce0b1162d630c
SSDEEP

49152:v5dTVt0+PGk0FXWRd1NNIBp4kYWdijZkSmjuX7YnMe1w3:v5y+PGk0FYBE26di6kX7YMP3

Score

8^/10

Malware Config

Targets

- Target
  
  3863b1d1e103fb257b83dcc7ce6a252d8a970029606e024db0508097d452e6ae
- Size
  
  1.8MB
- MD5
  
  dd486af62e1a1594fa7e12f42722a1bf
- SHA1
  
  ff40327f64feab19c41debd12b65d1b7913ae6f2
- SHA256
  
  3863b1d1e103fb257b83dcc7ce6a252d8a970029606e024db0508097d452e6ae
- SHA512
  
  d29c67e80aeaae5ea19c08a2c2505cb05821606ffb07aa8862010e5bf859185682b449ca04464496e9e85093886911d1d85100c04ac2529f0ebce0b1162d630c
- SSDEEP
  
  49152:v5dTVt0+PGk0FXWRd1NNIBp4kYWdijZkSmjuX7YnMe1w3:v5y+PGk0FYBE26di6kX7YMP3
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2