adf3b5f6ff5510521cec6cd1a7aa7a40f926e0144d28204754ff948973d038e7 | Triage

Sharing

General

Target

adf3b5f6ff5510521cec6cd1a7aa7a40f926e0144d28204754ff948973d038e7
Size

351KB
Sample

221129-dtb5rsaf59
MD5

d758c3bc9f30553157d9accb22dc8897
SHA1

aa888695f244306faea62beeb497f0dc4381905d
SHA256

adf3b5f6ff5510521cec6cd1a7aa7a40f926e0144d28204754ff948973d038e7
SHA512

88ce9c8effc66b8c3da800fc252d6db88757535ebc279415b33ed0913cc117fd7a0b3ae8e32960864a9d00e3c05f42ad4812926445e2981079b6060cf6f093e4
SSDEEP

6144:BME1nmg1tDbJ5621YNzigKarmXGfol3MavBGL8ap7mdALnXOGkUTYAm802G1wZ7C:ugnJzqAlLvBva7m+Ln5kcjhHG1+UWw

Score

8^/10

Malware Config

Targets

- Target
  
  adf3b5f6ff5510521cec6cd1a7aa7a40f926e0144d28204754ff948973d038e7
- Size
  
  351KB
- MD5
  
  d758c3bc9f30553157d9accb22dc8897
- SHA1
  
  aa888695f244306faea62beeb497f0dc4381905d
- SHA256
  
  adf3b5f6ff5510521cec6cd1a7aa7a40f926e0144d28204754ff948973d038e7
- SHA512
  
  88ce9c8effc66b8c3da800fc252d6db88757535ebc279415b33ed0913cc117fd7a0b3ae8e32960864a9d00e3c05f42ad4812926445e2981079b6060cf6f093e4
- SSDEEP
  
  6144:BME1nmg1tDbJ5621YNzigKarmXGfol3MavBGL8ap7mdALnXOGkUTYAm802G1wZ7C:ugnJzqAlLvBva7m+Ln5kcjhHG1+UWw
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2