b0b669b37c23966b17af9b6fa2f891e9bcfffe1054dbd26d1323c5a9f3cc3c1e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b0b669b37c23966b17af9b6fa2f891e9bcfffe1054dbd26d1323c5a9f3cc3c1e
Size

368KB
Sample

221202-xptc2adh93
MD5

9a328f933fa69693729fc495697f685a
SHA1

411ff504a923be81135ac27057e2cb0b16c767d4
SHA256

b0b669b37c23966b17af9b6fa2f891e9bcfffe1054dbd26d1323c5a9f3cc3c1e
SHA512

60d92adae439bb62628c5c97648a6e0326e7780841b8cb03666d26d8b732a9d73ee45a4c34bdb0663d9a086de4c8e3cc6795391fac16423abb73181672b5486e
SSDEEP

6144:fTfFDbRnOTrCgqJbReiblsH+0L0LWqDpFBD8DroJgeNN/EhbJ0ycbEmqyR9HK:x5OqguRVblsHrYWSBcI5wr2vq

Score

8^/10

Malware Config

Targets

- Target
  
  b0b669b37c23966b17af9b6fa2f891e9bcfffe1054dbd26d1323c5a9f3cc3c1e
- Size
  
  368KB
- MD5
  
  9a328f933fa69693729fc495697f685a
- SHA1
  
  411ff504a923be81135ac27057e2cb0b16c767d4
- SHA256
  
  b0b669b37c23966b17af9b6fa2f891e9bcfffe1054dbd26d1323c5a9f3cc3c1e
- SHA512
  
  60d92adae439bb62628c5c97648a6e0326e7780841b8cb03666d26d8b732a9d73ee45a4c34bdb0663d9a086de4c8e3cc6795391fac16423abb73181672b5486e
- SSDEEP
  
  6144:fTfFDbRnOTrCgqJbReiblsH+0L0LWqDpFBD8DroJgeNN/EhbJ0ycbEmqyR9HK:x5OqguRVblsHrYWSBcI5wr2vq
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2