547f202390277b7fb33c12994130f2044748dfab34ee2cb5d4996f5b062a0422 | Triage

Sharing

General

Target

547f202390277b7fb33c12994130f2044748dfab34ee2cb5d4996f5b062a0422
Size

4.6MB
Sample

221129-slphfsea6t
MD5

b732e893505b753a9c2d8bdb16bce4a0
SHA1

8eda3b9dae91d58e9c6fd36d923319c755df91ca
SHA256

547f202390277b7fb33c12994130f2044748dfab34ee2cb5d4996f5b062a0422
SHA512

c6cfaaf2d504f60f8c799613bcad3023a974412670874c4d48f909d2245791bbccff69348e4e6a5c9f7a32dae5ecbfe9cceec3e8836d24fa62970732d0ca68ae
SSDEEP

98304:i1WVabJDxrp6S6elUavr28/gpjFOQ6LxLZa6Sjy+58Rq:UAabJDzD68EOd7u2+5Mq

Score

8^/10

Malware Config

Targets

- Target
  
  547f202390277b7fb33c12994130f2044748dfab34ee2cb5d4996f5b062a0422
- Size
  
  4.6MB
- MD5
  
  b732e893505b753a9c2d8bdb16bce4a0
- SHA1
  
  8eda3b9dae91d58e9c6fd36d923319c755df91ca
- SHA256
  
  547f202390277b7fb33c12994130f2044748dfab34ee2cb5d4996f5b062a0422
- SHA512
  
  c6cfaaf2d504f60f8c799613bcad3023a974412670874c4d48f909d2245791bbccff69348e4e6a5c9f7a32dae5ecbfe9cceec3e8836d24fa62970732d0ca68ae
- SSDEEP
  
  98304:i1WVabJDxrp6S6elUavr28/gpjFOQ6LxLZa6Sjy+58Rq:UAabJDzD68EOd7u2+5Mq
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2