General

  • Target

    9c1ac743680aa468af5eb66def451451869d0ad95f5de9e8dddce6205a8bb823

  • Size

    1MB

  • Sample

    221124-yd2qpshf3t

  • MD5

    0a15e92b6919f122ad190262bce838b7

  • SHA1

    f58e111a99199afbd8b9011c0c4324f8a4199cce

  • SHA256

    9c1ac743680aa468af5eb66def451451869d0ad95f5de9e8dddce6205a8bb823

  • SHA512

    005ae7623848370d78e6f18f73be1d2cf488561c4e0086bed4bd41f15d939e3c3381fbd4bb321b9440621ddb3f1d00ec7b768d406773d4b1937eb347355f3247

Score
7/10

Malware Config

Targets

    • Target

      9c1ac743680aa468af5eb66def451451869d0ad95f5de9e8dddce6205a8bb823

    • Size

      1MB

    • MD5

      0a15e92b6919f122ad190262bce838b7

    • SHA1

      f58e111a99199afbd8b9011c0c4324f8a4199cce

    • SHA256

      9c1ac743680aa468af5eb66def451451869d0ad95f5de9e8dddce6205a8bb823

    • SHA512

      005ae7623848370d78e6f18f73be1d2cf488561c4e0086bed4bd41f15d939e3c3381fbd4bb321b9440621ddb3f1d00ec7b768d406773d4b1937eb347355f3247

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

MITRE ATT&CK Matrix

Collection

    Command and Control

      Credential Access

        Defense Evasion

          Execution

            Exfiltration

              Impact

                Initial Access

                  Lateral Movement

                    Persistence

                      Privilege Escalation