92bc50f793fb33fdbda877e6a65e90ea7573e2451f700f9740d187955c7e69d0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

92bc50f793fb33fdbda877e6a65e90ea7573e2451f700f9740d187955c7e69d0
Size

236KB
Sample

221202-18773sac48
MD5

cb1c7492dccd81fcc2daa38079b86478
SHA1

85526f8427f364b1cb31ef3462c99eb4a3c74d87
SHA256

92bc50f793fb33fdbda877e6a65e90ea7573e2451f700f9740d187955c7e69d0
SHA512

3cbc19dbdb79f0a7085f12ec05293dd6e6d9153a8469eb3e4882808fc91c5615a8a031180066a138be56c7288f30693c47829068d1193b0774e3f46acd3d747b
SSDEEP

3072:rGsn+WinPl0S2UDRfwL0cV7GQaeLPAwxZYn48rck:rGFWind2UDKOeLPAqY4M

Score

8^/10

Malware Config

Targets

- Target
  
  92bc50f793fb33fdbda877e6a65e90ea7573e2451f700f9740d187955c7e69d0
- Size
  
  236KB
- MD5
  
  cb1c7492dccd81fcc2daa38079b86478
- SHA1
  
  85526f8427f364b1cb31ef3462c99eb4a3c74d87
- SHA256
  
  92bc50f793fb33fdbda877e6a65e90ea7573e2451f700f9740d187955c7e69d0
- SHA512
  
  3cbc19dbdb79f0a7085f12ec05293dd6e6d9153a8469eb3e4882808fc91c5615a8a031180066a138be56c7288f30693c47829068d1193b0774e3f46acd3d747b
- SSDEEP
  
  3072:rGsn+WinPl0S2UDRfwL0cV7GQaeLPAwxZYn48rck:rGFWind2UDKOeLPAqY4M
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2