246f720b894852c4d1223b1b9dcb45a4a085de9895a41c002934a1a23bb54f76 | Triage

Sharing

General

Target

246f720b894852c4d1223b1b9dcb45a4a085de9895a41c002934a1a23bb54f76
Size

5.7MB
Sample

221125-pw8sascc2s
MD5

7798c39d0d07c28008028cfe27d0298d
SHA1

d8fd5474b243c8a8f63aee71f79cf4d12f5313de
SHA256

246f720b894852c4d1223b1b9dcb45a4a085de9895a41c002934a1a23bb54f76
SHA512

e847d55faf23f957c936e44737a6cfd7565cc2ab922a2c7bba7e77b5fe2e57bd47d6b3c467fd650a5a0250ebea85c85ae51b657f389621bc5bf562d2ab6a9ac9
SSDEEP

98304:r1dl2Z/HJZRDho+2WecrRGJw8OYsqc09JRl3txPOx/aC9qRZDUeEuxv8L28x:a/HHRDhf9918Vm/pMFUetxv8SW

Score

8^/10

Malware Config

Targets

- Target
  
  246f720b894852c4d1223b1b9dcb45a4a085de9895a41c002934a1a23bb54f76
- Size
  
  5.7MB
- MD5
  
  7798c39d0d07c28008028cfe27d0298d
- SHA1
  
  d8fd5474b243c8a8f63aee71f79cf4d12f5313de
- SHA256
  
  246f720b894852c4d1223b1b9dcb45a4a085de9895a41c002934a1a23bb54f76
- SHA512
  
  e847d55faf23f957c936e44737a6cfd7565cc2ab922a2c7bba7e77b5fe2e57bd47d6b3c467fd650a5a0250ebea85c85ae51b657f389621bc5bf562d2ab6a9ac9
- SSDEEP
  
  98304:r1dl2Z/HJZRDho+2WecrRGJw8OYsqc09JRl3txPOx/aC9qRZDUeEuxv8L28x:a/HHRDhf9918Vm/pMFUetxv8SW
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2