b123d481020439b084064e532e6a158a38fd9c4a279478cda6a2a4929cc59672 | Triage

Sharing

General

Target

b123d481020439b084064e532e6a158a38fd9c4a279478cda6a2a4929cc59672
Size

196KB
Sample

221124-axt8zaag71
MD5

2ebee12be851ff81ad38c76e079b6340
SHA1

76b2f46f7289f657bff71d63521ca307a80f8022
SHA256

b123d481020439b084064e532e6a158a38fd9c4a279478cda6a2a4929cc59672
SHA512

01b33bc21ffd43ef4f6199bf0db2eb0b78d105c618a8aee891e05ca944e4a601ba1b7ee03466d57b3285926638038d27045b4eb9e1dbcf510ef314404c2e2062
SSDEEP

1536:aXBYjfC24mFVsIgvo3X4iZpTha5VlA8mP7aoL8E:aX+0mFmIgvo4iZhha5r6aoL8E

Score

8^/10

Malware Config

Targets

- Target
  
  b123d481020439b084064e532e6a158a38fd9c4a279478cda6a2a4929cc59672
- Size
  
  196KB
- MD5
  
  2ebee12be851ff81ad38c76e079b6340
- SHA1
  
  76b2f46f7289f657bff71d63521ca307a80f8022
- SHA256
  
  b123d481020439b084064e532e6a158a38fd9c4a279478cda6a2a4929cc59672
- SHA512
  
  01b33bc21ffd43ef4f6199bf0db2eb0b78d105c618a8aee891e05ca944e4a601ba1b7ee03466d57b3285926638038d27045b4eb9e1dbcf510ef314404c2e2062
- SSDEEP
  
  1536:aXBYjfC24mFVsIgvo3X4iZpTha5VlA8mP7aoL8E:aX+0mFmIgvo4iZhha5r6aoL8E
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2