5d64b1619604d6b3b62e4df92ad5c68b079b3406a2d7cef81db4873be06c57a7 | Triage

Sharing

General

Target

5d64b1619604d6b3b62e4df92ad5c68b079b3406a2d7cef81db4873be06c57a7
Size

20KB
Sample

221123-xs9t7afh84
MD5

4c67a35f4afb64588dc13d7b15bc1660
SHA1

ab0a0335fda2f8e91049200b0d93a475294eaf92
SHA256

5d64b1619604d6b3b62e4df92ad5c68b079b3406a2d7cef81db4873be06c57a7
SHA512

0cfb71400b1fda39c7a35996d284c5326cdaf7dd9aa2ab6089f92d2f9450ee152d25965e97ed0713a6f5bf032e6f49824612cc298277314818fa80e090c97068
SSDEEP

192:uvxLS4de1HNAUQcX+l2Hg5cIasUU4L3bba4q4APTK7YypcitVLNU4YknLE:uvxLSkeJndXQrWjMcYyC+Bqkng

Score

8^/10

Malware Config

Targets

- Target
  
  5d64b1619604d6b3b62e4df92ad5c68b079b3406a2d7cef81db4873be06c57a7
- Size
  
  20KB
- MD5
  
  4c67a35f4afb64588dc13d7b15bc1660
- SHA1
  
  ab0a0335fda2f8e91049200b0d93a475294eaf92
- SHA256
  
  5d64b1619604d6b3b62e4df92ad5c68b079b3406a2d7cef81db4873be06c57a7
- SHA512
  
  0cfb71400b1fda39c7a35996d284c5326cdaf7dd9aa2ab6089f92d2f9450ee152d25965e97ed0713a6f5bf032e6f49824612cc298277314818fa80e090c97068
- SSDEEP
  
  192:uvxLS4de1HNAUQcX+l2Hg5cIasUU4L3bba4q4APTK7YypcitVLNU4YknLE:uvxLSkeJndXQrWjMcYyC+Bqkng
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2