9703448cde8d84c2039bbccac361a939f3658eb080fa9f5873870bcb3717969b | Triage

Sharing

General

Target

9703448cde8d84c2039bbccac361a939f3658eb080fa9f5873870bcb3717969b
Size

458KB
Sample

221129-fk4vjaga52
MD5

e623e316461a5179f70fe8ceba7d0ad4
SHA1

19d00d96b16822e1b76fa5ee890389b8a0238d6d
SHA256

9703448cde8d84c2039bbccac361a939f3658eb080fa9f5873870bcb3717969b
SHA512

fc48297f187a33c6d1ac03ae8daa8c0fe55ac33dc46680c0f406bd8eef0046f4961ddcafd8c1ca208ffad4adfca37c6abdd6b40221594836c6016d0dd825fd5b
SSDEEP

12288:TUWA3AheuswyemhdS36N0eenbTdW8AgAXTp12gkM:TUWqiste9KDebT48AgqTp1f

Score

8^/10

Malware Config

Targets

- Target
  
  9703448cde8d84c2039bbccac361a939f3658eb080fa9f5873870bcb3717969b
- Size
  
  458KB
- MD5
  
  e623e316461a5179f70fe8ceba7d0ad4
- SHA1
  
  19d00d96b16822e1b76fa5ee890389b8a0238d6d
- SHA256
  
  9703448cde8d84c2039bbccac361a939f3658eb080fa9f5873870bcb3717969b
- SHA512
  
  fc48297f187a33c6d1ac03ae8daa8c0fe55ac33dc46680c0f406bd8eef0046f4961ddcafd8c1ca208ffad4adfca37c6abdd6b40221594836c6016d0dd825fd5b
- SSDEEP
  
  12288:TUWA3AheuswyemhdS36N0eenbTdW8AgAXTp12gkM:TUWqiste9KDebT48AgqTp1f
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2