b9161b3559a4628116c2ffcea5143b1a9b4e122c8d913aea10cc07725d2fe1e6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9161b3559a4628116c2ffcea5143b1a9b4e122c8d913aea10cc07725d2fe1e6
Size

1.5MB
Sample

221203-at71nacg8v
MD5

da1349b728ca5b06ccd79f5e4c84497a
SHA1

d6a94d1926b2698b0cff4926972df7918fa79e66
SHA256

b9161b3559a4628116c2ffcea5143b1a9b4e122c8d913aea10cc07725d2fe1e6
SHA512

ca695543588eedf67bb79176ac95048f62c62c9dac3cee912f45d560075b3ae2459d38fc95c6fc097671e733e14b5c00a28d21fcb74f528c040b3e5ee409bc30
SSDEEP

24576:cUZabAykYhcF9Fv8sEzU1HDJw6PyjxYMe0cASUKEGBSALttpxR+O7pc3CD:P+k4c5H/1tr+x40yUKFBSAJCO7YCD

Score

8^/10

Malware Config

Targets

- Target
  
  b9161b3559a4628116c2ffcea5143b1a9b4e122c8d913aea10cc07725d2fe1e6
- Size
  
  1.5MB
- MD5
  
  da1349b728ca5b06ccd79f5e4c84497a
- SHA1
  
  d6a94d1926b2698b0cff4926972df7918fa79e66
- SHA256
  
  b9161b3559a4628116c2ffcea5143b1a9b4e122c8d913aea10cc07725d2fe1e6
- SHA512
  
  ca695543588eedf67bb79176ac95048f62c62c9dac3cee912f45d560075b3ae2459d38fc95c6fc097671e733e14b5c00a28d21fcb74f528c040b3e5ee409bc30
- SSDEEP
  
  24576:cUZabAykYhcF9Fv8sEzU1HDJw6PyjxYMe0cASUKEGBSALttpxR+O7pc3CD:P+k4c5H/1tr+x40yUKFBSAJCO7YCD
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2