8ca8f81907a993583c70819ba014b54f67794ab9a96a1c9136c82cb0673f7251 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ca8f81907a993583c70819ba014b54f67794ab9a96a1c9136c82cb0673f7251
Size

2.2MB
Sample

221127-sy293sgh58
MD5

295bd3457a46b34102829bd2c76dd5ea
SHA1

9681a9329a0341e334f0f7c09f238bccaeddfb1e
SHA256

8ca8f81907a993583c70819ba014b54f67794ab9a96a1c9136c82cb0673f7251
SHA512

88b3243866418565aaa97171e64176c64a32d374b45f7ddab5bb4925c45192adbc33d5ba5473673fcd23b7951873257f0d1ece06392aa6fc40b95848c30cd410
SSDEEP

49152:KBf7XJwqGNynX40G4R0f+nboCIebTOmMK3YIvdqnDPz6Pz6Pz6Pz6Pz4cOU7m6oq:KNXJwqGOIqHUdWj4r6r6r6r6rLOU7pD

Score

8^/10

Malware Config

Targets

- Target
  
  8ca8f81907a993583c70819ba014b54f67794ab9a96a1c9136c82cb0673f7251
- Size
  
  2.2MB
- MD5
  
  295bd3457a46b34102829bd2c76dd5ea
- SHA1
  
  9681a9329a0341e334f0f7c09f238bccaeddfb1e
- SHA256
  
  8ca8f81907a993583c70819ba014b54f67794ab9a96a1c9136c82cb0673f7251
- SHA512
  
  88b3243866418565aaa97171e64176c64a32d374b45f7ddab5bb4925c45192adbc33d5ba5473673fcd23b7951873257f0d1ece06392aa6fc40b95848c30cd410
- SSDEEP
  
  49152:KBf7XJwqGNynX40G4R0f+nboCIebTOmMK3YIvdqnDPz6Pz6Pz6Pz6Pz4cOU7m6oq:KNXJwqGOIqHUdWj4r6r6r6r6rLOU7pD
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2