d3bdc82b9dac56c0c627a57095b8acfc96753e5df4849b2cf7949f44cb9e5656 | Triage

Sharing

General

Target

d3bdc82b9dac56c0c627a57095b8acfc96753e5df4849b2cf7949f44cb9e5656
Size

1.4MB
Sample

221201-p795hadg4x
MD5

b428e5d6f582edeccd49c4a8a42449f8
SHA1

f9ea1edee886d38e5543e2d98221ba87fea3a514
SHA256

d3bdc82b9dac56c0c627a57095b8acfc96753e5df4849b2cf7949f44cb9e5656
SHA512

970e9127c17ed87f73782de129baeb144602f16d93cc21189f9faae36aaa7ac29f311443d4f88eb6e48347bebaa739b937263a728c690fcf74756b7faf81ca0f
SSDEEP

24576:ZAYKY2GH6W0vXJccTACK5nSc61JtDlxnIvL0nEG5a7sR+y2rr71Z8xxn7F9AurMK:ZAJY9s5/Ann0JWLAEpy2rr71k7FKuruy

Score

8^/10

Malware Config

Targets

- Target
  
  d3bdc82b9dac56c0c627a57095b8acfc96753e5df4849b2cf7949f44cb9e5656
- Size
  
  1.4MB
- MD5
  
  b428e5d6f582edeccd49c4a8a42449f8
- SHA1
  
  f9ea1edee886d38e5543e2d98221ba87fea3a514
- SHA256
  
  d3bdc82b9dac56c0c627a57095b8acfc96753e5df4849b2cf7949f44cb9e5656
- SHA512
  
  970e9127c17ed87f73782de129baeb144602f16d93cc21189f9faae36aaa7ac29f311443d4f88eb6e48347bebaa739b937263a728c690fcf74756b7faf81ca0f
- SSDEEP
  
  24576:ZAYKY2GH6W0vXJccTACK5nSc61JtDlxnIvL0nEG5a7sR+y2rr71Z8xxn7F9AurMK:ZAJY9s5/Ann0JWLAEpy2rr71k7FKuruy
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2