525561244522246a144a2a315e6cc6c42b85783691262baacf7ff30e256214ce | Triage

Sharing

General

Target

525561244522246a144a2a315e6cc6c42b85783691262baacf7ff30e256214ce
Size

167KB
Sample

221201-pprv7sgb94
MD5

657be927db12ff12b3b21f333139a214
SHA1

478032cadfadf385ff12a2ed6442830cff61bded
SHA256

525561244522246a144a2a315e6cc6c42b85783691262baacf7ff30e256214ce
SHA512

2ed135d43646b1cfb9615c05ff0298e167b690ffff88dd5ce3282cf99829253f50a056dda0989f228600781cda603cbbac29d341a262a3dad90afc6426172eed
SSDEEP

3072:9YP2XerzhOUxu/XUtauOHgriEJPKuS/6mT4:9u2urzh9xu/XkauOArrUu/t

Score

8^/10

Malware Config

Targets

- Target
  
  525561244522246a144a2a315e6cc6c42b85783691262baacf7ff30e256214ce
- Size
  
  167KB
- MD5
  
  657be927db12ff12b3b21f333139a214
- SHA1
  
  478032cadfadf385ff12a2ed6442830cff61bded
- SHA256
  
  525561244522246a144a2a315e6cc6c42b85783691262baacf7ff30e256214ce
- SHA512
  
  2ed135d43646b1cfb9615c05ff0298e167b690ffff88dd5ce3282cf99829253f50a056dda0989f228600781cda603cbbac29d341a262a3dad90afc6426172eed
- SSDEEP
  
  3072:9YP2XerzhOUxu/XUtauOHgriEJPKuS/6mT4:9u2urzh9xu/XkauOArrUu/t
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2