b0d75ca48a0ab3fb6df980186546748faf2105e23f974c89d38b69126201df3a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b0d75ca48a0ab3fb6df980186546748faf2105e23f974c89d38b69126201df3a
Size

205KB
Sample

221129-q4v2vagh9z
MD5

ca167c2f9f14319eb8459753c46c9626
SHA1

af8e751638940efb8c25fa434efa58c260f39247
SHA256

b0d75ca48a0ab3fb6df980186546748faf2105e23f974c89d38b69126201df3a
SHA512

b06f05afdee97c693fc5668e4a0ebb4073dd285d6353895f6615a5998a553d27842f9acf135233a4b19c16d7d49830c3050319c34874e9bb79ee5b2bc4a2c38b
SSDEEP

3072:WwxVMhOC/dTDbq91+mno3t4QZQ3rAHUe7Zxz1tXNestE//yvljq1Gl+:WTfFDbRnOTrARtxz1lYsa/IjK9

Score

8^/10

Malware Config

Targets

- Target
  
  b0d75ca48a0ab3fb6df980186546748faf2105e23f974c89d38b69126201df3a
- Size
  
  205KB
- MD5
  
  ca167c2f9f14319eb8459753c46c9626
- SHA1
  
  af8e751638940efb8c25fa434efa58c260f39247
- SHA256
  
  b0d75ca48a0ab3fb6df980186546748faf2105e23f974c89d38b69126201df3a
- SHA512
  
  b06f05afdee97c693fc5668e4a0ebb4073dd285d6353895f6615a5998a553d27842f9acf135233a4b19c16d7d49830c3050319c34874e9bb79ee5b2bc4a2c38b
- SSDEEP
  
  3072:WwxVMhOC/dTDbq91+mno3t4QZQ3rAHUe7Zxz1tXNestE//yvljq1Gl+:WTfFDbRnOTrARtxz1lYsa/IjK9
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2