26b901af4a32869ffd1f452209d30df09a94e7b1257a64bffc8773cc593b152e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26b901af4a32869ffd1f452209d30df09a94e7b1257a64bffc8773cc593b152e
Size

23.9MB
Sample

221127-vddgbsgd2s
MD5

0f8ce01c3d656eb1c2566d3946110f2c
SHA1

7796339886d72f98cb474d8db7c44d44d0af7c26
SHA256

26b901af4a32869ffd1f452209d30df09a94e7b1257a64bffc8773cc593b152e
SHA512

17179c2559ac75b0cb935ad4981d0df6b941df59eadb1a58d3295e7c82cded72d28e3fbd1fbad9bdb0424e9a21d4abcf370a6a578a3346c9fe6e7a7a562deddb
SSDEEP

393216:tLRu3MWcRpBZTzdqinyQ75wvdQWA0OiaR3C8dZYhrTFw3WAP/GhP6VOOSP2o95dc:EMWcRp/fdqotHfZbpdZ+TF/AP/uP2OW7

Score

8^/10

Malware Config

Targets

- Target
  
  26b901af4a32869ffd1f452209d30df09a94e7b1257a64bffc8773cc593b152e
- Size
  
  23.9MB
- MD5
  
  0f8ce01c3d656eb1c2566d3946110f2c
- SHA1
  
  7796339886d72f98cb474d8db7c44d44d0af7c26
- SHA256
  
  26b901af4a32869ffd1f452209d30df09a94e7b1257a64bffc8773cc593b152e
- SHA512
  
  17179c2559ac75b0cb935ad4981d0df6b941df59eadb1a58d3295e7c82cded72d28e3fbd1fbad9bdb0424e9a21d4abcf370a6a578a3346c9fe6e7a7a562deddb
- SSDEEP
  
  393216:tLRu3MWcRpBZTzdqinyQ75wvdQWA0OiaR3C8dZYhrTFw3WAP/GhP6VOOSP2o95dc:EMWcRp/fdqotHfZbpdZ+TF/AP/uP2OW7
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2