8027579ee0b7c830baf725a762661c5a7956c23f1a78410f0b6a8577c6940546 | Triage

Sharing

General

Target

8027579ee0b7c830baf725a762661c5a7956c23f1a78410f0b6a8577c6940546
Size

2.0MB
Sample

221201-2bmqjsbd3t
MD5

9c9c321d09a809f71d189946614de800
SHA1

16eb9daec389ba7e274fc872507c62bdfc5ed189
SHA256

8027579ee0b7c830baf725a762661c5a7956c23f1a78410f0b6a8577c6940546
SHA512

c2e8f6e78c2d1ea9dc3613f4b2c21b64dcfd3b2b28b48679eb99921c1efbea3d37e081c831b23ab2b8d240ed1d60db89f31e4918624cdba693104f064cfd1ed2
SSDEEP

24576:AIVGx9VkSI0sBYOWQ96k63vNZDJyP4WNhNfua9rHQqq/hrweTt59WwPmWmBNWDjb:AIVGG/0vhTfDUrNbORJh7WwPTjgDGPz

Score

8^/10

Malware Config

Targets

- Target
  
  8027579ee0b7c830baf725a762661c5a7956c23f1a78410f0b6a8577c6940546
- Size
  
  2.0MB
- MD5
  
  9c9c321d09a809f71d189946614de800
- SHA1
  
  16eb9daec389ba7e274fc872507c62bdfc5ed189
- SHA256
  
  8027579ee0b7c830baf725a762661c5a7956c23f1a78410f0b6a8577c6940546
- SHA512
  
  c2e8f6e78c2d1ea9dc3613f4b2c21b64dcfd3b2b28b48679eb99921c1efbea3d37e081c831b23ab2b8d240ed1d60db89f31e4918624cdba693104f064cfd1ed2
- SSDEEP
  
  24576:AIVGx9VkSI0sBYOWQ96k63vNZDJyP4WNhNfua9rHQqq/hrweTt59WwPmWmBNWDjb:AIVGG/0vhTfDUrNbORJh7WwPTjgDGPz
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2