a2c7f1b35c0e0034361522682aecd647ae75769d5ec8db4c08c9bb03b2201289 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2c7f1b35c0e0034361522682aecd647ae75769d5ec8db4c08c9bb03b2201289
Size

11.6MB
Sample

221127-vcrbsscg64
MD5

4fa97ffc7548600dc4b9db0600ec2879
SHA1

713b08b5bb822754bf21eb4f88429193bb75987d
SHA256

a2c7f1b35c0e0034361522682aecd647ae75769d5ec8db4c08c9bb03b2201289
SHA512

7b1896b687b21889301d6c37d98b976df339fad874a994ee53111a7b405a5a794b33822890d1d63ad8221d7294c479b3acb7e454f7ba02bde9b047b9d27a360a
SSDEEP

196608:QBJuweXVAAYrhsQeFYuZ8oDxNiAiVRIU0ykYHK77AMed9qfKzm6338:QBILxYr6Q8YuZ8UxV2IcK7MMed99m6c

Score

8^/10

Malware Config

Targets

- Target
  
  a2c7f1b35c0e0034361522682aecd647ae75769d5ec8db4c08c9bb03b2201289
- Size
  
  11.6MB
- MD5
  
  4fa97ffc7548600dc4b9db0600ec2879
- SHA1
  
  713b08b5bb822754bf21eb4f88429193bb75987d
- SHA256
  
  a2c7f1b35c0e0034361522682aecd647ae75769d5ec8db4c08c9bb03b2201289
- SHA512
  
  7b1896b687b21889301d6c37d98b976df339fad874a994ee53111a7b405a5a794b33822890d1d63ad8221d7294c479b3acb7e454f7ba02bde9b047b9d27a360a
- SSDEEP
  
  196608:QBJuweXVAAYrhsQeFYuZ8oDxNiAiVRIU0ykYHK77AMed9qfKzm6338:QBILxYr6Q8YuZ8UxV2IcK7MMed99m6c
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2