ad60c5930c75d46439141531135d0397eda61c2aac6153ce3f984a5350881d68 | Triage

Sharing

General

Target

ad60c5930c75d46439141531135d0397eda61c2aac6153ce3f984a5350881d68
Size

16.2MB
Sample

221128-dg3rysac68
MD5

029c5055974ee6fc6df0b6fe5a1c3cd6
SHA1

06addb3c85ca775121c8fec0043c3bb59e54d71c
SHA256

ad60c5930c75d46439141531135d0397eda61c2aac6153ce3f984a5350881d68
SHA512

bfc9e1fc336601f9f5a03775e4d58a746b97b09ceb93ea204ff2100229ed9103e5d6b8bdd912ee688e7910112adcd029398e40c939f4ef5fc16a29411d7dea31
SSDEEP

393216:sGS2dxWG0JoK/l9eTlvtaTnf+x6ZaNm+xZ3ujvMuyGLzfFW8zt1eqL:sGtfWG0Jou298TCtNmSZ34vhLbFb3V

Score

8^/10

Malware Config

Targets

- Target
  
  ad60c5930c75d46439141531135d0397eda61c2aac6153ce3f984a5350881d68
- Size
  
  16.2MB
- MD5
  
  029c5055974ee6fc6df0b6fe5a1c3cd6
- SHA1
  
  06addb3c85ca775121c8fec0043c3bb59e54d71c
- SHA256
  
  ad60c5930c75d46439141531135d0397eda61c2aac6153ce3f984a5350881d68
- SHA512
  
  bfc9e1fc336601f9f5a03775e4d58a746b97b09ceb93ea204ff2100229ed9103e5d6b8bdd912ee688e7910112adcd029398e40c939f4ef5fc16a29411d7dea31
- SSDEEP
  
  393216:sGS2dxWG0JoK/l9eTlvtaTnf+x6ZaNm+xZ3ujvMuyGLzfFW8zt1eqL:sGtfWG0Jou298TCtNmSZ34vhLbFb3V
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2