250c115026418da43315dbed4400eef962ce0bac146cdae45bfb76b2fc8655e3 | Triage

Sharing

General

Target

250c115026418da43315dbed4400eef962ce0bac146cdae45bfb76b2fc8655e3
Size

646KB
Sample

221129-rs7ryabe3z
MD5

4f75a4f0e4223d49c9c1f83eda657087
SHA1

70f5045c407146676e55c2311f75adc52851b85b
SHA256

250c115026418da43315dbed4400eef962ce0bac146cdae45bfb76b2fc8655e3
SHA512

87b92943e01ac3c3305ddc57d22984401b86577fd081d82d2fb1b102cb8ceb8bc1d2a267934d5c300db7a78fe1c8402844a8321cee0cfc9b727317caa6547f74
SSDEEP

12288:b1dlZo5y8E3k12MgGiFELWGgkeMzlELnqRs+gN/61XhhOzkoDQQyazsB3t:b1dlZo51HcKLvcMzlYTBS1Xhhkki6v

Score

8^/10

Malware Config

Targets

- Target
  
  250c115026418da43315dbed4400eef962ce0bac146cdae45bfb76b2fc8655e3
- Size
  
  646KB
- MD5
  
  4f75a4f0e4223d49c9c1f83eda657087
- SHA1
  
  70f5045c407146676e55c2311f75adc52851b85b
- SHA256
  
  250c115026418da43315dbed4400eef962ce0bac146cdae45bfb76b2fc8655e3
- SHA512
  
  87b92943e01ac3c3305ddc57d22984401b86577fd081d82d2fb1b102cb8ceb8bc1d2a267934d5c300db7a78fe1c8402844a8321cee0cfc9b727317caa6547f74
- SSDEEP
  
  12288:b1dlZo5y8E3k12MgGiFELWGgkeMzlELnqRs+gN/61XhhOzkoDQQyazsB3t:b1dlZo51HcKLvcMzlYTBS1Xhhkki6v
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2