bb6daea6337de03f079afc408c7ba05e1d8dc6a225e96e0253a73bdf05115778 | Triage

Sharing

General

Target

bb6daea6337de03f079afc408c7ba05e1d8dc6a225e96e0253a73bdf05115778
Size

706KB
Sample

221202-22bqzaga4z
MD5

56fcf0859775d2ff57e143e276d77a5b
SHA1

e9815475d8756d42e4cc803e311aefea28ae83db
SHA256

bb6daea6337de03f079afc408c7ba05e1d8dc6a225e96e0253a73bdf05115778
SHA512

c8f23f7f88792ac6c99293376ce94e74f9dbaae2cff36808694e8c2126dc43953334e61240b1b1259416059d9ae7bd515ca7ee2a6aa2d5fe2d712198d719b018
SSDEEP

12288:gp/iN/mlVdtvrYeyZJf7kPK+iqBZn+D73iKHeGspgaFKNT4dzVqn70am:gpQ/6trYlvYPK+lqD73TeGspga0J4CnO

Score

8^/10

Malware Config

Targets

- Target
  
  bb6daea6337de03f079afc408c7ba05e1d8dc6a225e96e0253a73bdf05115778
- Size
  
  706KB
- MD5
  
  56fcf0859775d2ff57e143e276d77a5b
- SHA1
  
  e9815475d8756d42e4cc803e311aefea28ae83db
- SHA256
  
  bb6daea6337de03f079afc408c7ba05e1d8dc6a225e96e0253a73bdf05115778
- SHA512
  
  c8f23f7f88792ac6c99293376ce94e74f9dbaae2cff36808694e8c2126dc43953334e61240b1b1259416059d9ae7bd515ca7ee2a6aa2d5fe2d712198d719b018
- SSDEEP
  
  12288:gp/iN/mlVdtvrYeyZJf7kPK+iqBZn+D73iKHeGspgaFKNT4dzVqn70am:gpQ/6trYlvYPK+lqD73TeGspga0J4CnO
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2