6deb79fa90d40bba28bdc06046499ed301b2ce74e9fde9c20605570fc430905f | Triage

Sharing

General

Target

6deb79fa90d40bba28bdc06046499ed301b2ce74e9fde9c20605570fc430905f
Size

10KB
Sample

221123-zp14zsde26
MD5

364d2e72f27e8b3e202ed4658dab9228
SHA1

13870035968c15cf8c69ecebdc35b4870e6661fb
SHA256

6deb79fa90d40bba28bdc06046499ed301b2ce74e9fde9c20605570fc430905f
SHA512

7094029f737a4b488318a45b7c6817d232f942e0c92001f78a761ededb64ea87d5c063d9ef1789c006c83b36875a3ba6c59cd1e22af939d6771d9e01578629dc
SSDEEP

192:4oUJ8AaGmQXNHevO8SebnETar+KMV86I1csZp1+Xi:4oUJ5Cw58SeETIu+ZpT

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  6deb79fa90d40bba28bdc06046499ed301b2ce74e9fde9c20605570fc430905f
- Size
  
  10KB
- MD5
  
  364d2e72f27e8b3e202ed4658dab9228
- SHA1
  
  13870035968c15cf8c69ecebdc35b4870e6661fb
- SHA256
  
  6deb79fa90d40bba28bdc06046499ed301b2ce74e9fde9c20605570fc430905f
- SHA512
  
  7094029f737a4b488318a45b7c6817d232f942e0c92001f78a761ededb64ea87d5c063d9ef1789c006c83b36875a3ba6c59cd1e22af939d6771d9e01578629dc
- SSDEEP
  
  192:4oUJ8AaGmQXNHevO8SebnETar+KMV86I1csZp1+Xi:4oUJ5Cw58SeETIu+ZpT
Score

8^/10

evasion
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2