aa36f11d48a3c7e9687e2df740e1ff37ef8dd82fb52e74e88b74d0513a6c795a | Triage

Sharing

General

Target

aa36f11d48a3c7e9687e2df740e1ff37ef8dd82fb52e74e88b74d0513a6c795a
Size

15KB
Sample

221128-eat2xagd7t
MD5

f4cf26f41fd549e2b03ba7950c2bd9ec
SHA1

5aeed904b71179ecd67e7ecb4fe7d4f56ad039ad
SHA256

aa36f11d48a3c7e9687e2df740e1ff37ef8dd82fb52e74e88b74d0513a6c795a
SHA512

f249cf07d37cc6bcbecf4cd6a13e8b4531945eae09fc907d725e393fba047c92486b8e28946405726cab0d00f382214f4b2ffd8014da2f5bbab4871587590abc
SSDEEP

384:IPDitW8aFw1stvTFBQSpDGv+bRev/qrtHOT0Qwr:Ql8aF7VhBQIDGvmEvyrtMRw

Score

7^/10

Malware Config

Targets

- Target
  
  aa36f11d48a3c7e9687e2df740e1ff37ef8dd82fb52e74e88b74d0513a6c795a
- Size
  
  15KB
- MD5
  
  f4cf26f41fd549e2b03ba7950c2bd9ec
- SHA1
  
  5aeed904b71179ecd67e7ecb4fe7d4f56ad039ad
- SHA256
  
  aa36f11d48a3c7e9687e2df740e1ff37ef8dd82fb52e74e88b74d0513a6c795a
- SHA512
  
  f249cf07d37cc6bcbecf4cd6a13e8b4531945eae09fc907d725e393fba047c92486b8e28946405726cab0d00f382214f4b2ffd8014da2f5bbab4871587590abc
- SSDEEP
  
  384:IPDitW8aFw1stvTFBQSpDGv+bRev/qrtHOT0Qwr:Ql8aF7VhBQIDGvmEvyrtMRw
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2