c198ba77599879f1f5661105b070243e969e8c072c73324f496a7ed6804b3b01 | Triage

Sharing

General

Target

c198ba77599879f1f5661105b070243e969e8c072c73324f496a7ed6804b3b01
Size

169KB
Sample

221203-gwzkmabb57
MD5

a9d5cfa5ee759c08fa493f0cbbf94b07
SHA1

d4616ccab3e56897372f5000eb37cac325c7c3fc
SHA256

c198ba77599879f1f5661105b070243e969e8c072c73324f496a7ed6804b3b01
SHA512

89cac41207345122e98722d941fbf7620567cec308194a31202d50fdb181a3ad5dbd3afd7d18b4f1fd82b429b1fbb50c2f603f38005bf3a2c70df8c9ea83af53
SSDEEP

3072:07Mm0JSQqBMmkMZSYrtEciEtOf/7EYfNBbLw0RzVwi8DyEPCulYe4myrkjC1zz5Q:RJSQqBM3Ys+AF+h1vk2CRbNMQHIbyqTR

Score

8^/10

Malware Config

Targets

- Target
  
  c198ba77599879f1f5661105b070243e969e8c072c73324f496a7ed6804b3b01
- Size
  
  169KB
- MD5
  
  a9d5cfa5ee759c08fa493f0cbbf94b07
- SHA1
  
  d4616ccab3e56897372f5000eb37cac325c7c3fc
- SHA256
  
  c198ba77599879f1f5661105b070243e969e8c072c73324f496a7ed6804b3b01
- SHA512
  
  89cac41207345122e98722d941fbf7620567cec308194a31202d50fdb181a3ad5dbd3afd7d18b4f1fd82b429b1fbb50c2f603f38005bf3a2c70df8c9ea83af53
- SSDEEP
  
  3072:07Mm0JSQqBMmkMZSYrtEciEtOf/7EYfNBbLw0RzVwi8DyEPCulYe4myrkjC1zz5Q:RJSQqBM3Ys+AF+h1vk2CRbNMQHIbyqTR
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2