b5e66b37018c32a1a6ff786a612dfe4c5b8fe8250988a80cd5599a6cc74a6aa2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5e66b37018c32a1a6ff786a612dfe4c5b8fe8250988a80cd5599a6cc74a6aa2
Size

34KB
Sample

221203-cefnzaed44
MD5

cf0ea718be79feb1a774f4905ecb62e2
SHA1

687532e1fa8ec32b051309d733bf70d85d78d9c7
SHA256

b5e66b37018c32a1a6ff786a612dfe4c5b8fe8250988a80cd5599a6cc74a6aa2
SHA512

cc18f054be04328de1ccd717601acdbd3cbab07cdc2f64d85f4b925269c36c61d7d8d15cc2f2898a88b71ff74ddf1666c0be1bc45e757bd1c44fedf22a66488f
SSDEEP

768:mzQYScGrIubHuYtvdxwYHw5FAe2QPncwxt:gQTIubHy5wQPJ

Score

8^/10

Malware Config

Targets

- Target
  
  b5e66b37018c32a1a6ff786a612dfe4c5b8fe8250988a80cd5599a6cc74a6aa2
- Size
  
  34KB
- MD5
  
  cf0ea718be79feb1a774f4905ecb62e2
- SHA1
  
  687532e1fa8ec32b051309d733bf70d85d78d9c7
- SHA256
  
  b5e66b37018c32a1a6ff786a612dfe4c5b8fe8250988a80cd5599a6cc74a6aa2
- SHA512
  
  cc18f054be04328de1ccd717601acdbd3cbab07cdc2f64d85f4b925269c36c61d7d8d15cc2f2898a88b71ff74ddf1666c0be1bc45e757bd1c44fedf22a66488f
- SSDEEP
  
  768:mzQYScGrIubHuYtvdxwYHw5FAe2QPncwxt:gQTIubHy5wQPJ
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2