7d9ce602682119bdca9efa729494fbc4b12bfa77b77819d942edf0e3129387b5 | Triage

Sharing

General

Target

7d9ce602682119bdca9efa729494fbc4b12bfa77b77819d942edf0e3129387b5
Size

449KB
Sample

221123-vd18dsgg45
MD5

59dab69326c2b57704248d154f97ad30
SHA1

ae8ab9c5ed28f2a095950e45c16a95b1954ad64a
SHA256

7d9ce602682119bdca9efa729494fbc4b12bfa77b77819d942edf0e3129387b5
SHA512

92be2790d74e9658819048714aa4128c4e717bf1e1d3026722d5e31e05c55aeb5447c82273f97f09d97c80e91f0d4e442ce0ae3be9cacd5efb85346b0329a3e8
SSDEEP

6144:0cjIoVL80U2LPtNLV/Vixcy80Ssa7CAoOefF0nv3XlQo7CbkE9c7M+FyWcYM:7LLPtNLmxK3mFBFMfV9GY+cMz

Score

8^/10

Malware Config

Targets

- Target
  
  7d9ce602682119bdca9efa729494fbc4b12bfa77b77819d942edf0e3129387b5
- Size
  
  449KB
- MD5
  
  59dab69326c2b57704248d154f97ad30
- SHA1
  
  ae8ab9c5ed28f2a095950e45c16a95b1954ad64a
- SHA256
  
  7d9ce602682119bdca9efa729494fbc4b12bfa77b77819d942edf0e3129387b5
- SHA512
  
  92be2790d74e9658819048714aa4128c4e717bf1e1d3026722d5e31e05c55aeb5447c82273f97f09d97c80e91f0d4e442ce0ae3be9cacd5efb85346b0329a3e8
- SSDEEP
  
  6144:0cjIoVL80U2LPtNLV/Vixcy80Ssa7CAoOefF0nv3XlQo7CbkE9c7M+FyWcYM:7LLPtNLmxK3mFBFMfV9GY+cMz
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2