dc2e49bf6c97e7882cdb7dd953622fb31dc01e4d7ca02196f740639236683492 | Triage

Sharing

General

Target

dc2e49bf6c97e7882cdb7dd953622fb31dc01e4d7ca02196f740639236683492
Size

7KB
Sample

221123-vh3l1shb39
MD5

52c387d66edca29d7b059f6a0c3accd0
SHA1

50c86c919e057630aaaea56bd864f2371ca962c3
SHA256

dc2e49bf6c97e7882cdb7dd953622fb31dc01e4d7ca02196f740639236683492
SHA512

4e906bcae00ac2ebd930fa1335c1538a70bfac2c8c0ab3db2341b54c119c994deed0bcf02e37eecc793e0e096c4d06bb8fd19092d61e1a7f281cea07f74aff91
SSDEEP

96:pQ54+WvvTbLa7v11o+WLNqszZZ1YrI3uWaDLeBomjjP:u54+Wvvf0ro3oqgGaDLI/b

Score

7^/10

Malware Config

Targets

- Target
  
  dc2e49bf6c97e7882cdb7dd953622fb31dc01e4d7ca02196f740639236683492
- Size
  
  7KB
- MD5
  
  52c387d66edca29d7b059f6a0c3accd0
- SHA1
  
  50c86c919e057630aaaea56bd864f2371ca962c3
- SHA256
  
  dc2e49bf6c97e7882cdb7dd953622fb31dc01e4d7ca02196f740639236683492
- SHA512
  
  4e906bcae00ac2ebd930fa1335c1538a70bfac2c8c0ab3db2341b54c119c994deed0bcf02e37eecc793e0e096c4d06bb8fd19092d61e1a7f281cea07f74aff91
- SSDEEP
  
  96:pQ54+WvvTbLa7v11o+WLNqszZZ1YrI3uWaDLeBomjjP:u54+Wvvf0ro3oqgGaDLI/b
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2