823d030488572436d740282a5c790910bf455775c52fc25c0278072357d3900c | Triage

Sharing

General

Target

823d030488572436d740282a5c790910bf455775c52fc25c0278072357d3900c
Size

3.8MB
Sample

221201-cpy83aeg79
MD5

5f6ae7b2a016eee0ecd4a54ece4fce6f
SHA1

6a74cd7a9d86ef77fe21d48f2db8420421920687
SHA256

823d030488572436d740282a5c790910bf455775c52fc25c0278072357d3900c
SHA512

2946bd1a8fa22d9070f72ee72d68092e05d71171422bdd2bf1f8684fdb9b0c480e62b446667b9b742b617d61d4f9c61b905d7388b7d0da989fe7f38ea6ff4c07
SSDEEP

98304:ourAMjG8MOqNwo0cObEOunNsUL7zPfU9+B2ilyL5:jPP6GcObERNfLXs9+BLq

Score

8^/10

Malware Config

Targets

- Target
  
  823d030488572436d740282a5c790910bf455775c52fc25c0278072357d3900c
- Size
  
  3.8MB
- MD5
  
  5f6ae7b2a016eee0ecd4a54ece4fce6f
- SHA1
  
  6a74cd7a9d86ef77fe21d48f2db8420421920687
- SHA256
  
  823d030488572436d740282a5c790910bf455775c52fc25c0278072357d3900c
- SHA512
  
  2946bd1a8fa22d9070f72ee72d68092e05d71171422bdd2bf1f8684fdb9b0c480e62b446667b9b742b617d61d4f9c61b905d7388b7d0da989fe7f38ea6ff4c07
- SSDEEP
  
  98304:ourAMjG8MOqNwo0cObEOunNsUL7zPfU9+B2ilyL5:jPP6GcObERNfLXs9+BLq
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2