ae57f3d965461cfc5f415ee8723bf303d7a84304193f133f6bda38833e16c2d1 | Triage

Resubmissions

01/12/2022, 12:41

221201-pw8gjace5x 7

01/12/2022, 12:34

221201-prtsksgd76 7

Sharing

Copy URL Twitter E-mail

General

Target

linda5.exe
Size

1.6MB
Sample

221201-prtsksgd76
MD5

58e8d57bf318d1a79efe91da6d27f968
SHA1

a32d01e5381a6d8e389415c8ab6daf13a88a8dc9
SHA256

ae57f3d965461cfc5f415ee8723bf303d7a84304193f133f6bda38833e16c2d1
SHA512

f3cec723946d189e7d93e1b791b503e7cb1c0ba60eb39fe0a5cd6e4524e12f0e79c3ebde1546f5e6a7478c20a4a8229da1fa2d346cada9ecc98d508760b038a7
SSDEEP

49152:H6hWgoxmFzmUaDWDFNSFk40qD8P/ADX0k:H6hlcmFz8uI5D8PoDX0k

Score

7^/10

Malware Config

Targets

- Target
  
  linda5.exe
- Size
  
  1.6MB
- MD5
  
  58e8d57bf318d1a79efe91da6d27f968
- SHA1
  
  a32d01e5381a6d8e389415c8ab6daf13a88a8dc9
- SHA256
  
  ae57f3d965461cfc5f415ee8723bf303d7a84304193f133f6bda38833e16c2d1
- SHA512
  
  f3cec723946d189e7d93e1b791b503e7cb1c0ba60eb39fe0a5cd6e4524e12f0e79c3ebde1546f5e6a7478c20a4a8229da1fa2d346cada9ecc98d508760b038a7
- SSDEEP
  
  49152:H6hWgoxmFzmUaDWDFNSFk40qD8P/ADX0k:H6hlcmFz8uI5D8PoDX0k
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2