af529aef19f214b34550b2753935438bb0fcf1989159da1fc3a3c3c8e7dc9ebf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af529aef19f214b34550b2753935438bb0fcf1989159da1fc3a3c3c8e7dc9ebf
Size

274KB
Sample

221202-b4degabb33
MD5

d505ebece1fbe77326c491fcdec32850
SHA1

ef5dbe5f5ebeccf12dcb78331cb87dabead5e658
SHA256

af529aef19f214b34550b2753935438bb0fcf1989159da1fc3a3c3c8e7dc9ebf
SHA512

03ed570ff18110f40176213f76be40796e0382bac4f8e0c2615c59c1d70cecfee7839e03610aea0153299abb9959ec79ebba63cb3d8f5672e1bf55884223d8bd
SSDEEP

6144:nsaocyLCecZog8duCkY0a3G8kHDpMpZCsWT1CcaheBvACMvBWwBnA:ntobjxdKyayp1BiFgnA

Score

8^/10

Malware Config

Targets

- Target
  
  af529aef19f214b34550b2753935438bb0fcf1989159da1fc3a3c3c8e7dc9ebf
- Size
  
  274KB
- MD5
  
  d505ebece1fbe77326c491fcdec32850
- SHA1
  
  ef5dbe5f5ebeccf12dcb78331cb87dabead5e658
- SHA256
  
  af529aef19f214b34550b2753935438bb0fcf1989159da1fc3a3c3c8e7dc9ebf
- SHA512
  
  03ed570ff18110f40176213f76be40796e0382bac4f8e0c2615c59c1d70cecfee7839e03610aea0153299abb9959ec79ebba63cb3d8f5672e1bf55884223d8bd
- SSDEEP
  
  6144:nsaocyLCecZog8duCkY0a3G8kHDpMpZCsWT1CcaheBvACMvBWwBnA:ntobjxdKyayp1BiFgnA
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2