657fb8aa230d0a92bee74c05f8453b77ef005bf57a3cab0ff958026e813d28f1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

657fb8aa230d0a92bee74c05f8453b77ef005bf57a3cab0ff958026e813d28f1
Size

1.1MB
Sample

221124-m19t2scf91
MD5

c0adbd5d7daeb6b1a856c5cc44cf6130
SHA1

c246bb2c106ea8e23eda8c02b68c49f24e1370fa
SHA256

657fb8aa230d0a92bee74c05f8453b77ef005bf57a3cab0ff958026e813d28f1
SHA512

27e95fce290db55e03ca1f36a24b760632ddce29bd969293e15b22e599377d64be49be664945d6797f4606a10142b98a8626a9396dbd742a5eefa0658fa6ca0f
SSDEEP

24576:6dWzkAEIKdjz1xf/vivx6WipQwm5lYVD/iC1V4wa0jfpxu:3k7IKhzPwx6WGQn5MiCZjRk

Score

8^/10

Malware Config

Targets

- Target
  
  657fb8aa230d0a92bee74c05f8453b77ef005bf57a3cab0ff958026e813d28f1
- Size
  
  1.1MB
- MD5
  
  c0adbd5d7daeb6b1a856c5cc44cf6130
- SHA1
  
  c246bb2c106ea8e23eda8c02b68c49f24e1370fa
- SHA256
  
  657fb8aa230d0a92bee74c05f8453b77ef005bf57a3cab0ff958026e813d28f1
- SHA512
  
  27e95fce290db55e03ca1f36a24b760632ddce29bd969293e15b22e599377d64be49be664945d6797f4606a10142b98a8626a9396dbd742a5eefa0658fa6ca0f
- SSDEEP
  
  24576:6dWzkAEIKdjz1xf/vivx6WipQwm5lYVD/iC1V4wa0jfpxu:3k7IKhzPwx6WGQn5MiCZjRk
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2