023b8705df4aa5e759a9e800a61e0f18f91286d2e826f2c741324e4b8ee6e3ac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

023b8705df4aa5e759a9e800a61e0f18f91286d2e826f2c741324e4b8ee6e3ac
Size

21KB
Sample

221123-yjtbhsac57
MD5

570f20cf2b9043335d86584e61e42c20
SHA1

3642acbce841b89682d6cc2872ac976923573f29
SHA256

023b8705df4aa5e759a9e800a61e0f18f91286d2e826f2c741324e4b8ee6e3ac
SHA512

c45c1ca589645bec8ba02584d9db50afc84fe77d877b9a2dfc0d518190a0ecd5163bf4b088a1abbd3c94de0b076541a2c3c82164d966e7d3f1d75c37d1c24bdc
SSDEEP

384:Ax4eXupD27yKIJ9YurSVhM63M49HmU6aHgnk:sXuzKmOHnvgnk

Score

8^/10

Malware Config

Targets

- Target
  
  023b8705df4aa5e759a9e800a61e0f18f91286d2e826f2c741324e4b8ee6e3ac
- Size
  
  21KB
- MD5
  
  570f20cf2b9043335d86584e61e42c20
- SHA1
  
  3642acbce841b89682d6cc2872ac976923573f29
- SHA256
  
  023b8705df4aa5e759a9e800a61e0f18f91286d2e826f2c741324e4b8ee6e3ac
- SHA512
  
  c45c1ca589645bec8ba02584d9db50afc84fe77d877b9a2dfc0d518190a0ecd5163bf4b088a1abbd3c94de0b076541a2c3c82164d966e7d3f1d75c37d1c24bdc
- SSDEEP
  
  384:Ax4eXupD27yKIJ9YurSVhM63M49HmU6aHgnk:sXuzKmOHnvgnk
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2