93d1f15549e14a86dcb8e887e9dd8dced9236cc8c3ff48af384374f98ff9eea7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

810KB
Sample

221203-r1ageadc3s
MD5

8d2869ea08633e1625290032e36987e9
SHA1

c2ef9793113ab8bb2185d918284148499acbfac5
SHA256

93d1f15549e14a86dcb8e887e9dd8dced9236cc8c3ff48af384374f98ff9eea7
SHA512

476e9b9806c07fb4a6881dfb48b7bc1a643a074925b191b69b2b7c376b6451858b85ae589e05cf13aa97854b56a6b72fe73f1dd7379297ac205a079e0c299dc5
SSDEEP

12288:er7EAxBmNzFLrWY5SWUWoLS+OpB+pAJobBgrNQ3kbO6PIqcSOt:QoBrWYlb4ujobBUakyyIb

Score

8^/10

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  810KB
- MD5
  
  8d2869ea08633e1625290032e36987e9
- SHA1
  
  c2ef9793113ab8bb2185d918284148499acbfac5
- SHA256
  
  93d1f15549e14a86dcb8e887e9dd8dced9236cc8c3ff48af384374f98ff9eea7
- SHA512
  
  476e9b9806c07fb4a6881dfb48b7bc1a643a074925b191b69b2b7c376b6451858b85ae589e05cf13aa97854b56a6b72fe73f1dd7379297ac205a079e0c299dc5
- SSDEEP
  
  12288:er7EAxBmNzFLrWY5SWUWoLS+OpB+pAJobBgrNQ3kbO6PIqcSOt:QoBrWYlb4ujobBUakyyIb
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2