b113caec0a2ecb2cd1d43a6a39a4f14267f8de1b3121b4d8ae8d6c4610b4d59f | Triage

Sharing

General

Target

b113caec0a2ecb2cd1d43a6a39a4f14267f8de1b3121b4d8ae8d6c4610b4d59f
Size

626KB
Sample

221126-rdrgeahd77
MD5

c2b63c4fc8e3e0e71fa36584b4765792
SHA1

246ad04759f060f7ccb2d10cb7f83c158f77994d
SHA256

b113caec0a2ecb2cd1d43a6a39a4f14267f8de1b3121b4d8ae8d6c4610b4d59f
SHA512

b0a58907f1cb906868cf450122f737f2efaf9f53fd3c26bc9dafbf098dd43158e7a33ff6bf6f2a0646257c1fd6b4b90c2a200494b63cb35f9073e9279d26aad8
SSDEEP

12288:s1dlZo5yqWHB5s/OBJQdCyiHRkCAmQ3w5hncFK9wTuLnFcvKvV:s1dlZo5dYEScziHRR0w5hcrGKCvV

Score

8^/10

Malware Config

Targets

- Target
  
  b113caec0a2ecb2cd1d43a6a39a4f14267f8de1b3121b4d8ae8d6c4610b4d59f
- Size
  
  626KB
- MD5
  
  c2b63c4fc8e3e0e71fa36584b4765792
- SHA1
  
  246ad04759f060f7ccb2d10cb7f83c158f77994d
- SHA256
  
  b113caec0a2ecb2cd1d43a6a39a4f14267f8de1b3121b4d8ae8d6c4610b4d59f
- SHA512
  
  b0a58907f1cb906868cf450122f737f2efaf9f53fd3c26bc9dafbf098dd43158e7a33ff6bf6f2a0646257c1fd6b4b90c2a200494b63cb35f9073e9279d26aad8
- SSDEEP
  
  12288:s1dlZo5yqWHB5s/OBJQdCyiHRkCAmQ3w5hncFK9wTuLnFcvKvV:s1dlZo5dYEScziHRR0w5hcrGKCvV
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2