0116de8d6bf82f4b61ef37dd07ceb3a86a34898940b355ce25de575c4f694370 | Triage

Sharing

General

Target

0116de8d6bf82f4b61ef37dd07ceb3a86a34898940b355ce25de575c4f694370
Size

1.5MB
Sample

221203-py8v3sef81
MD5

eeece1849685307d320c414886f6a74c
SHA1

6041442d57044bc671217b45f51e364098c1025e
SHA256

0116de8d6bf82f4b61ef37dd07ceb3a86a34898940b355ce25de575c4f694370
SHA512

fa69324643da964d1fa4d6795829f1add4c53790b800037af6b78f5e8629fae9591994d2f8ffcd0f49ce7ebe5dccc76f889969a8ebda438bac6e59ac50ddca8d
SSDEEP

6144:zdcWlMpTJ1Wp4RufxL8HWp4RufxLqeWp4RufxLqYWp4RufxLqSQWp4RufxLHWlMH:JM/wpEuppEu4pEuSpEudpEucM/ek

Score

8^/10

Malware Config

Targets

- Target
  
  0116de8d6bf82f4b61ef37dd07ceb3a86a34898940b355ce25de575c4f694370
- Size
  
  1.5MB
- MD5
  
  eeece1849685307d320c414886f6a74c
- SHA1
  
  6041442d57044bc671217b45f51e364098c1025e
- SHA256
  
  0116de8d6bf82f4b61ef37dd07ceb3a86a34898940b355ce25de575c4f694370
- SHA512
  
  fa69324643da964d1fa4d6795829f1add4c53790b800037af6b78f5e8629fae9591994d2f8ffcd0f49ce7ebe5dccc76f889969a8ebda438bac6e59ac50ddca8d
- SSDEEP
  
  6144:zdcWlMpTJ1Wp4RufxL8HWp4RufxLqeWp4RufxLqYWp4RufxLqSQWp4RufxLHWlMH:JM/wpEuppEu4pEuSpEudpEucM/ek
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2