b60061c194000f6ac63932f058b6ac156b3193acc02a8a31aea7402c5eeda9c8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b60061c194000f6ac63932f058b6ac156b3193acc02a8a31aea7402c5eeda9c8
Size

274KB
Sample

221201-hqlbgsdg65
MD5

b17a72357abf7c4aba2e173ebe633ac7
SHA1

576ba71aa8802880324300e2be88cd3f2ac5ce49
SHA256

b60061c194000f6ac63932f058b6ac156b3193acc02a8a31aea7402c5eeda9c8
SHA512

26754ac9c2b9727f7ce5debcf4a4bda3aea074d80c94f3c11a3c109e533b995299ec2c79b15d601f064f11e819fb229b2ea3c3a72c57fcba1c02c6de2a15f94c
SSDEEP

6144:FsaocyLCecZ/gU1T4t74kWZNSi7L360SNIG8A17s:FtoboJ1TQcHXxL360SSLi4

Score

8^/10

Malware Config

Targets

- Target
  
  b60061c194000f6ac63932f058b6ac156b3193acc02a8a31aea7402c5eeda9c8
- Size
  
  274KB
- MD5
  
  b17a72357abf7c4aba2e173ebe633ac7
- SHA1
  
  576ba71aa8802880324300e2be88cd3f2ac5ce49
- SHA256
  
  b60061c194000f6ac63932f058b6ac156b3193acc02a8a31aea7402c5eeda9c8
- SHA512
  
  26754ac9c2b9727f7ce5debcf4a4bda3aea074d80c94f3c11a3c109e533b995299ec2c79b15d601f064f11e819fb229b2ea3c3a72c57fcba1c02c6de2a15f94c
- SSDEEP
  
  6144:FsaocyLCecZ/gU1T4t74kWZNSi7L360SNIG8A17s:FtoboJ1TQcHXxL360SSLi4
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2