0029ff91db128ffbe111fa51ca4dae07bc6cf31889e198f1c1e2a7741bd892ca | Triage

Sharing

General

Target

0029ff91db128ffbe111fa51ca4dae07bc6cf31889e198f1c1e2a7741bd892ca
Size

202KB
Sample

221123-zpxrkadd98
MD5

6c33623044bed83d7ab579bb8dff8fea
SHA1

1181d74579c8eccc84ea5ceaf5eb85bc8934dc99
SHA256

0029ff91db128ffbe111fa51ca4dae07bc6cf31889e198f1c1e2a7741bd892ca
SHA512

55528c731445b86dceb5ca06bea56dbe240e3af1b4976955abe49fb16391ae24163f5d47a33f048ec1f74c093c38124c2750a90a716f219c10e7331bb95c9c2c
SSDEEP

3072:sUhH+lIxpQoyjeRhDMiERHi+Oaf9ZJq8/Ng8TTeYEUhOrGp2:V+qXDyShD0Fi+df9ZYaJmYZA0

Score

8^/10

Malware Config

Targets

- Target
  
  0029ff91db128ffbe111fa51ca4dae07bc6cf31889e198f1c1e2a7741bd892ca
- Size
  
  202KB
- MD5
  
  6c33623044bed83d7ab579bb8dff8fea
- SHA1
  
  1181d74579c8eccc84ea5ceaf5eb85bc8934dc99
- SHA256
  
  0029ff91db128ffbe111fa51ca4dae07bc6cf31889e198f1c1e2a7741bd892ca
- SHA512
  
  55528c731445b86dceb5ca06bea56dbe240e3af1b4976955abe49fb16391ae24163f5d47a33f048ec1f74c093c38124c2750a90a716f219c10e7331bb95c9c2c
- SSDEEP
  
  3072:sUhH+lIxpQoyjeRhDMiERHi+Oaf9ZJq8/Ng8TTeYEUhOrGp2:V+qXDyShD0Fi+df9ZYaJmYZA0
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2