18f1725e993d60c1ba103960f2e63d0e2d1070b9c4b29d4962ab8b870a378815 | Triage

Sharing

General

Target

18f1725e993d60c1ba103960f2e63d0e2d1070b9c4b29d4962ab8b870a378815
Size

224KB
Sample

221128-brjqqahg2t
MD5

cfc0f77b4ad3fef86aaaa2d8703eb037
SHA1

df9bd4ab8cf65e5a20a19efbc5a907ac258c0188
SHA256

18f1725e993d60c1ba103960f2e63d0e2d1070b9c4b29d4962ab8b870a378815
SHA512

d484371988c01ccc500155d8b003fec8197db8093c2fdd2c0ecb1a357e4412b2279277097bfc6e151690da481cff336f2f6395ebc5735408be20495d16557257
SSDEEP

3072:G9SMKIuOHGexhCjG8G3GbGVGBGfGuGxGWYcrf6KadU:GMBbObxAYcD6Kad

Score

8^/10

Malware Config

Targets

- Target
  
  18f1725e993d60c1ba103960f2e63d0e2d1070b9c4b29d4962ab8b870a378815
- Size
  
  224KB
- MD5
  
  cfc0f77b4ad3fef86aaaa2d8703eb037
- SHA1
  
  df9bd4ab8cf65e5a20a19efbc5a907ac258c0188
- SHA256
  
  18f1725e993d60c1ba103960f2e63d0e2d1070b9c4b29d4962ab8b870a378815
- SHA512
  
  d484371988c01ccc500155d8b003fec8197db8093c2fdd2c0ecb1a357e4412b2279277097bfc6e151690da481cff336f2f6395ebc5735408be20495d16557257
- SSDEEP
  
  3072:G9SMKIuOHGexhCjG8G3GbGVGBGfGuGxGWYcrf6KadU:GMBbObxAYcD6Kad
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2