baf40ef47649293a383d12b7b6ccc27b893ac757ffc816cbd54784a9819b09f2 | Triage

Sharing

General

Target

baf40ef47649293a383d12b7b6ccc27b893ac757ffc816cbd54784a9819b09f2
Size

222KB
Sample

221203-kn5y8ahc59
MD5

9f84c9ecd51b4c80d90ae34d93f60993
SHA1

6f38a9ab31298873ad5befb16cee186d7545d55a
SHA256

baf40ef47649293a383d12b7b6ccc27b893ac757ffc816cbd54784a9819b09f2
SHA512

363af8489b9dde4ea7d38659d646201129e3a7bb40053b5200ea17902f46e3509d0f0cce8fff4d51ec422f94bd896fcadea84265d3b5dbeeb3d48205813f8daf
SSDEEP

6144:8d93ZBZMbqYgomHmXWValAHcv5NNyhTQrfWonYVhNlYX:8r3ZBIRi4G8v5NgcfWGX

Score

8^/10

Malware Config

Targets

- Target
  
  baf40ef47649293a383d12b7b6ccc27b893ac757ffc816cbd54784a9819b09f2
- Size
  
  222KB
- MD5
  
  9f84c9ecd51b4c80d90ae34d93f60993
- SHA1
  
  6f38a9ab31298873ad5befb16cee186d7545d55a
- SHA256
  
  baf40ef47649293a383d12b7b6ccc27b893ac757ffc816cbd54784a9819b09f2
- SHA512
  
  363af8489b9dde4ea7d38659d646201129e3a7bb40053b5200ea17902f46e3509d0f0cce8fff4d51ec422f94bd896fcadea84265d3b5dbeeb3d48205813f8daf
- SSDEEP
  
  6144:8d93ZBZMbqYgomHmXWValAHcv5NNyhTQrfWonYVhNlYX:8r3ZBIRi4G8v5NgcfWGX
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2