19b8c9f5ff2c350aab84ec505ff9698861241f3ceb7b0686aff0486502674d39 | Triage

Sharing

General

Target

19b8c9f5ff2c350aab84ec505ff9698861241f3ceb7b0686aff0486502674d39
Size

25.3MB
Sample

221127-k64twaee98
MD5

902b9fcf23d2d0acab8c79c895dcaff2
SHA1

c28c882ed8023e6450c2d891a6666df09ef834a3
SHA256

19b8c9f5ff2c350aab84ec505ff9698861241f3ceb7b0686aff0486502674d39
SHA512

472eb587134a74b03429fe82b96bb6dd5ef6d4c497f6c69ee1719c85adad8606a4c6ddfb9dae90e62ced7d09467c15e50e74fdee2b6d8361b4bf4f13ec3dfc67
SSDEEP

786432:0fTzAyYY8Jrqs+RCUJq1NWzdlLU7RKJVKcop:0BYY8Bq/YP1cI7EJVSp

Score

8^/10

Malware Config

Targets

- Target
  
  19b8c9f5ff2c350aab84ec505ff9698861241f3ceb7b0686aff0486502674d39
- Size
  
  25.3MB
- MD5
  
  902b9fcf23d2d0acab8c79c895dcaff2
- SHA1
  
  c28c882ed8023e6450c2d891a6666df09ef834a3
- SHA256
  
  19b8c9f5ff2c350aab84ec505ff9698861241f3ceb7b0686aff0486502674d39
- SHA512
  
  472eb587134a74b03429fe82b96bb6dd5ef6d4c497f6c69ee1719c85adad8606a4c6ddfb9dae90e62ced7d09467c15e50e74fdee2b6d8361b4bf4f13ec3dfc67
- SSDEEP
  
  786432:0fTzAyYY8Jrqs+RCUJq1NWzdlLU7RKJVKcop:0BYY8Bq/YP1cI7EJVSp
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2