9ff4cef092fabac7201c04fa47518adeed847a9389fe6cb6e1e0c3c7f4cb52bb | Triage

Sharing

General

Target

9ff4cef092fabac7201c04fa47518adeed847a9389fe6cb6e1e0c3c7f4cb52bb
Size

195KB
Sample

221128-fe6ryabf5x
MD5

bb073ce32d59a9d899a52ce2754f2735
SHA1

61d3f7cb343814202111537c687290e89df347df
SHA256

9ff4cef092fabac7201c04fa47518adeed847a9389fe6cb6e1e0c3c7f4cb52bb
SHA512

82c7b54dd948f5a2934338683f7d8caa82ab910b0be1727952ad3c5e2ca9bc7273d7ee1cf49cd00a25a61b19165d156360d90cc04d598dfd9f5034cfb2a40fe6
SSDEEP

6144:sT/NkXkB4X8zYEovPRrmUmQ0yj169bOurwzKjrLIIYuM:I10kBI8I3RzkjrL+

Score

8^/10

Malware Config

Targets

- Target
  
  9ff4cef092fabac7201c04fa47518adeed847a9389fe6cb6e1e0c3c7f4cb52bb
- Size
  
  195KB
- MD5
  
  bb073ce32d59a9d899a52ce2754f2735
- SHA1
  
  61d3f7cb343814202111537c687290e89df347df
- SHA256
  
  9ff4cef092fabac7201c04fa47518adeed847a9389fe6cb6e1e0c3c7f4cb52bb
- SHA512
  
  82c7b54dd948f5a2934338683f7d8caa82ab910b0be1727952ad3c5e2ca9bc7273d7ee1cf49cd00a25a61b19165d156360d90cc04d598dfd9f5034cfb2a40fe6
- SSDEEP
  
  6144:sT/NkXkB4X8zYEovPRrmUmQ0yj169bOurwzKjrLIIYuM:I10kBI8I3RzkjrL+
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2