391fed46a6a918b4ed5c8e2c1a06d69f23e32e406d9aace19e74b7cb335bd200 | Triage

Sharing

General

Target

391fed46a6a918b4ed5c8e2c1a06d69f23e32e406d9aace19e74b7cb335bd200
Size

156KB
Sample

221202-agt82ahf51
MD5

337eb562b587f530933fb3cafbb8ce14
SHA1

f94b322d9c802f665d44923f237e409eb9476f8e
SHA256

391fed46a6a918b4ed5c8e2c1a06d69f23e32e406d9aace19e74b7cb335bd200
SHA512

5d93bd8bb5335b718dbd36a7b62f56758821fb9b53dd58b17c00011659b4a399792924cc2e790b265dcf10f0cd44a62beb3d22b3adbe229fe41d825a61a0e463
SSDEEP

3072:i1SZcAPGKZ+/4zbCFtiqF8Xow+dS8xnDF866h70sHsb/jb5mYI021cm0WRXoWb8G:SSZcAulcCf38XolZxnDFJ6h7XMdma21j

Score

8^/10

Malware Config

Targets

- Target
  
  391fed46a6a918b4ed5c8e2c1a06d69f23e32e406d9aace19e74b7cb335bd200
- Size
  
  156KB
- MD5
  
  337eb562b587f530933fb3cafbb8ce14
- SHA1
  
  f94b322d9c802f665d44923f237e409eb9476f8e
- SHA256
  
  391fed46a6a918b4ed5c8e2c1a06d69f23e32e406d9aace19e74b7cb335bd200
- SHA512
  
  5d93bd8bb5335b718dbd36a7b62f56758821fb9b53dd58b17c00011659b4a399792924cc2e790b265dcf10f0cd44a62beb3d22b3adbe229fe41d825a61a0e463
- SSDEEP
  
  3072:i1SZcAPGKZ+/4zbCFtiqF8Xow+dS8xnDF866h70sHsb/jb5mYI021cm0WRXoWb8G:SSZcAulcCf38XolZxnDFJ6h7XMdma21j
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2