78e3b115df400157e292c1bfd8e9e1ceab7bed04212349d29e28e0e17cb95b89 | Triage

Sharing

General

Target

78e3b115df400157e292c1bfd8e9e1ceab7bed04212349d29e28e0e17cb95b89
Size

245KB
Sample

221201-2jn9cacb31
MD5

e005a61a0266c90d665a6ba6d4291204
SHA1

40acbf11d86b34900994459a334855e0f1a79f6b
SHA256

78e3b115df400157e292c1bfd8e9e1ceab7bed04212349d29e28e0e17cb95b89
SHA512

3304e45f5f8f12f54c5f99e9c45a9d9426124a838c1c366848ef8e450d289639104c53091953cf3cb3426861d6df413a9f6b03b5e2b297d19155505020673f6e
SSDEEP

6144:iZ58dVwgaXRlOavUbl5ll4DQFu/U3buRKlemZ9DnGAeo9XIsXakKmXzKatx:icdVLahLvUblrl4DQFu/U3buRKlemZ95

Score

8^/10

Malware Config

Targets

- Target
  
  78e3b115df400157e292c1bfd8e9e1ceab7bed04212349d29e28e0e17cb95b89
- Size
  
  245KB
- MD5
  
  e005a61a0266c90d665a6ba6d4291204
- SHA1
  
  40acbf11d86b34900994459a334855e0f1a79f6b
- SHA256
  
  78e3b115df400157e292c1bfd8e9e1ceab7bed04212349d29e28e0e17cb95b89
- SHA512
  
  3304e45f5f8f12f54c5f99e9c45a9d9426124a838c1c366848ef8e450d289639104c53091953cf3cb3426861d6df413a9f6b03b5e2b297d19155505020673f6e
- SSDEEP
  
  6144:iZ58dVwgaXRlOavUbl5ll4DQFu/U3buRKlemZ9DnGAeo9XIsXakKmXzKatx:icdVLahLvUblrl4DQFu/U3buRKlemZ95
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2