ba2295d80eaf56ed2622a2a6a8bb004117314efaefb33f04ac149105109382d2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba2295d80eaf56ed2622a2a6a8bb004117314efaefb33f04ac149105109382d2
Size

198KB
Sample

221129-d7y7fsfc81
MD5

73d3c630bb65b8b2bdbca416c1b45e22
SHA1

338c42557b528b41f38942bbc9fa8ba6d6d40908
SHA256

ba2295d80eaf56ed2622a2a6a8bb004117314efaefb33f04ac149105109382d2
SHA512

4c3738ccc9c4f1556db4fddb0f0f8b914759a4ab2c9faa569bd7bb113807bf26480c3e7b33eba9014b6e3be3e6f53ac3bfd926cab991f89d540d878006218112
SSDEEP

6144:ZcWMJJhqryYP/daq7o0ZtLs2995RHM3+Sq:ZczJJhqrVPlw0zLbTXHV

Score

8^/10

Malware Config

Targets

- Target
  
  ba2295d80eaf56ed2622a2a6a8bb004117314efaefb33f04ac149105109382d2
- Size
  
  198KB
- MD5
  
  73d3c630bb65b8b2bdbca416c1b45e22
- SHA1
  
  338c42557b528b41f38942bbc9fa8ba6d6d40908
- SHA256
  
  ba2295d80eaf56ed2622a2a6a8bb004117314efaefb33f04ac149105109382d2
- SHA512
  
  4c3738ccc9c4f1556db4fddb0f0f8b914759a4ab2c9faa569bd7bb113807bf26480c3e7b33eba9014b6e3be3e6f53ac3bfd926cab991f89d540d878006218112
- SSDEEP
  
  6144:ZcWMJJhqryYP/daq7o0ZtLs2995RHM3+Sq:ZczJJhqrVPlw0zLbTXHV
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2