b2a82d07ec9aea9e239461b024b3e0c992ce4c6258087a16106909f5edf0e840 | Triage

Sharing

General

Target

b2a82d07ec9aea9e239461b024b3e0c992ce4c6258087a16106909f5edf0e840
Size

310KB
Sample

221201-xykr9acd24
MD5

61a2e2cc210015eea462e330a6a83854
SHA1

194364c7b52cbce44afbb66504b0f664cd855d87
SHA256

b2a82d07ec9aea9e239461b024b3e0c992ce4c6258087a16106909f5edf0e840
SHA512

0ed04bffe62dd748c55744a7ea0bffce8e094de675768356ff22597bc438e5a54fc0cdf671abf5e6ecb36701ccaa48774ce2d00b119e5b43b00a6b8d1b2d9bf7
SSDEEP

6144:yWlMpTJUIhGleD75qJ74nDWgRAkPc2fyuGQn8xID0DMFatlL:1M/UIhRD7AcR3PcwGLxe0DttlL

Score

8^/10

Malware Config

Targets

- Target
  
  b2a82d07ec9aea9e239461b024b3e0c992ce4c6258087a16106909f5edf0e840
- Size
  
  310KB
- MD5
  
  61a2e2cc210015eea462e330a6a83854
- SHA1
  
  194364c7b52cbce44afbb66504b0f664cd855d87
- SHA256
  
  b2a82d07ec9aea9e239461b024b3e0c992ce4c6258087a16106909f5edf0e840
- SHA512
  
  0ed04bffe62dd748c55744a7ea0bffce8e094de675768356ff22597bc438e5a54fc0cdf671abf5e6ecb36701ccaa48774ce2d00b119e5b43b00a6b8d1b2d9bf7
- SSDEEP
  
  6144:yWlMpTJUIhGleD75qJ74nDWgRAkPc2fyuGQn8xID0DMFatlL:1M/UIhRD7AcR3PcwGLxe0DttlL
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2