91b96e54f51d78226671a570632756cd8fc3fd6323743c028bd6d2fcf20d80ac | Triage

Sharing

General

Target

91b96e54f51d78226671a570632756cd8fc3fd6323743c028bd6d2fcf20d80ac
Size

287KB
Sample

221123-z2gwwahd5z
MD5

53602ce749792a9f803274147a949d70
SHA1

cd819b4c4d1b31064b20799f7cea07a4ca0d4814
SHA256

91b96e54f51d78226671a570632756cd8fc3fd6323743c028bd6d2fcf20d80ac
SHA512

d65a948942596a6e517614c91bb25d2d07d15488059bd21188bf4cc24aedb0743a982f4e8a5f47e72027080c98d1986639361591b5ad8fd17fd3f640356ef51c
SSDEEP

6144:4WOBZbwUfuYZx+GcrcBS2YOsVy/cMIkT7b7F1Yw7Y/WTdMI:41Bn2+cI1sU/cMf3bpCeY+TmI

Score

8^/10

Malware Config

Targets

- Target
  
  91b96e54f51d78226671a570632756cd8fc3fd6323743c028bd6d2fcf20d80ac
- Size
  
  287KB
- MD5
  
  53602ce749792a9f803274147a949d70
- SHA1
  
  cd819b4c4d1b31064b20799f7cea07a4ca0d4814
- SHA256
  
  91b96e54f51d78226671a570632756cd8fc3fd6323743c028bd6d2fcf20d80ac
- SHA512
  
  d65a948942596a6e517614c91bb25d2d07d15488059bd21188bf4cc24aedb0743a982f4e8a5f47e72027080c98d1986639361591b5ad8fd17fd3f640356ef51c
- SSDEEP
  
  6144:4WOBZbwUfuYZx+GcrcBS2YOsVy/cMIkT7b7F1Yw7Y/WTdMI:41Bn2+cI1sU/cMf3bpCeY+TmI
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2