75a503f515ede734ff631b31a1bb043350ba1f8054a4cd157e71e2c6e1c38e55 | Triage

Sharing

General

Target

75a503f515ede734ff631b31a1bb043350ba1f8054a4cd157e71e2c6e1c38e55
Size

289KB
Sample

221129-raecnshf3y
MD5

545984bc365031dfc4c2b01e55bd3f20
SHA1

7b10830bfc700bd64479bce97f85414d996eb280
SHA256

75a503f515ede734ff631b31a1bb043350ba1f8054a4cd157e71e2c6e1c38e55
SHA512

15116e60a4ae19d375f46ba0b2d0a38fe4f63b71907675a4cc2f28ca5c75a237a08eefe2aba3c51142f141a42bb73066b48e6e1e15aeee29d64f9820b3a78039
SSDEEP

6144:rQefyKxdygNOdgotZJMQD8Xj0pkU7ClVnAC3d4UupL0pRBN50mUl:rQefJW1RAQD8T0pPClCCtzpqbl

Score

8^/10

Malware Config

Targets

- Target
  
  75a503f515ede734ff631b31a1bb043350ba1f8054a4cd157e71e2c6e1c38e55
- Size
  
  289KB
- MD5
  
  545984bc365031dfc4c2b01e55bd3f20
- SHA1
  
  7b10830bfc700bd64479bce97f85414d996eb280
- SHA256
  
  75a503f515ede734ff631b31a1bb043350ba1f8054a4cd157e71e2c6e1c38e55
- SHA512
  
  15116e60a4ae19d375f46ba0b2d0a38fe4f63b71907675a4cc2f28ca5c75a237a08eefe2aba3c51142f141a42bb73066b48e6e1e15aeee29d64f9820b3a78039
- SSDEEP
  
  6144:rQefyKxdygNOdgotZJMQD8Xj0pkU7ClVnAC3d4UupL0pRBN50mUl:rQefJW1RAQD8T0pPClCCtzpqbl
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2