58b1e7027e117b343953036056c6a165842ddf75e114c8c7af274a3dbcef047d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

58b1e7027e117b343953036056c6a165842ddf75e114c8c7af274a3dbcef047d
Size

200KB
Sample

221203-2fmw4sbc46
MD5

1faacf799c0356f9246c982b2c032130
SHA1

443ea6b2314f6808394c5187201d72f20e359bc2
SHA256

58b1e7027e117b343953036056c6a165842ddf75e114c8c7af274a3dbcef047d
SHA512

2442bfde88b932dcab8cf9167270dbbd809eac5594a45d37ee5b18fb3a5fe6412f451e7188c8c43a9109845c179bbeebf5e0fade2f6d1dca80a5321642d71aea
SSDEEP

3072:f/IPgDA3y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmSNS4SQSsG:IPaA3yGFInRO

Score

8^/10

Malware Config

Targets

- Target
  
  58b1e7027e117b343953036056c6a165842ddf75e114c8c7af274a3dbcef047d
- Size
  
  200KB
- MD5
  
  1faacf799c0356f9246c982b2c032130
- SHA1
  
  443ea6b2314f6808394c5187201d72f20e359bc2
- SHA256
  
  58b1e7027e117b343953036056c6a165842ddf75e114c8c7af274a3dbcef047d
- SHA512
  
  2442bfde88b932dcab8cf9167270dbbd809eac5594a45d37ee5b18fb3a5fe6412f451e7188c8c43a9109845c179bbeebf5e0fade2f6d1dca80a5321642d71aea
- SSDEEP
  
  3072:f/IPgDA3y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmSNS4SQSsG:IPaA3yGFInRO
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2