a8544423a0d98a95c23bea8e5aa911864d4cbf7c9d67996bee1b1f3183751e4d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a8544423a0d98a95c23bea8e5aa911864d4cbf7c9d67996bee1b1f3183751e4d
Size

274KB
Sample

221202-142vhahg88
MD5

d66d6cc5408de634ceb9a0cfddcd8764
SHA1

1d2aae8527ad33cbcc32384211fe0f81b6b103b0
SHA256

a8544423a0d98a95c23bea8e5aa911864d4cbf7c9d67996bee1b1f3183751e4d
SHA512

ba6c020ee96ccd52d0587f8e3c50ed29efcfd705d7869d3507c9428025abb32bd7a245f67fcd577680a5f0db3e032ddc76dbea13b1743b79b7b1ede912340a0f
SSDEEP

6144:oEqOpWSr7VsU6Z1I8xzMahPKoweGnqYvZk+BGyg00P:zxr5v6Z1FlKowew3kLyIP

Score

8^/10

Malware Config

Targets

- Target
  
  2.exe
- Size
  
  286KB
- MD5
  
  21a0f2d6b206055e73336200555c24b6
- SHA1
  
  df15892042d418d1653afdb40bb74f409725fffa
- SHA256
  
  30f32f21f004d97c2cf95d78bd1285486813eb2e96aad1a6fa07b0cb9e224e50
- SHA512
  
  1400b01bb972fa924fedc4e0a0c068d0484a5211a7d994897ce1a7d2351a6acda39eb1bf72a9ce74ef14b3e0c2cb21f749eddd225c605b2d12a0419f0521441e
- SSDEEP
  
  6144:SNliLDgEmzt2weZI8xzJahGK6weG4qYvZXdBGig00rT:YleEEmzkweZFZK6wev3XWiIrT
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2