35960e31a028aba8ee6c18a61648fba08deba04132f02e556efca68ec4dc7e2c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35960e31a028aba8ee6c18a61648fba08deba04132f02e556efca68ec4dc7e2c
Size

379KB
Sample

221127-nmfjqagh6z
MD5

49a17f961a774f633cdd05c054510471
SHA1

8a5913ae552034feafdb43274b2d4c6ec7cf2105
SHA256

35960e31a028aba8ee6c18a61648fba08deba04132f02e556efca68ec4dc7e2c
SHA512

424818239c80f3419718c6fefd16a4aa7521f146bcd01ea1b16982dd5467efc875c587a263657b7e78d349bfbed0dd09781b258c9e34b32a9ac48fa62b7c9b87
SSDEEP

6144:v/aUsuryt1achgVK4wOpPEyLbZtASKzyPMbDLS6Zhlz7JsSs+FsY6sDom:v/aUsuYachgVK4QylrPwKeh17hfSYZ

Score

8^/10

Malware Config

Targets

- Target
  
  35960e31a028aba8ee6c18a61648fba08deba04132f02e556efca68ec4dc7e2c
- Size
  
  379KB
- MD5
  
  49a17f961a774f633cdd05c054510471
- SHA1
  
  8a5913ae552034feafdb43274b2d4c6ec7cf2105
- SHA256
  
  35960e31a028aba8ee6c18a61648fba08deba04132f02e556efca68ec4dc7e2c
- SHA512
  
  424818239c80f3419718c6fefd16a4aa7521f146bcd01ea1b16982dd5467efc875c587a263657b7e78d349bfbed0dd09781b258c9e34b32a9ac48fa62b7c9b87
- SSDEEP
  
  6144:v/aUsuryt1achgVK4wOpPEyLbZtASKzyPMbDLS6Zhlz7JsSs+FsY6sDom:v/aUsuYachgVK4QylrPwKeh17hfSYZ
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2