dbe5e4c1df40c4b6e4e0107a59824fc099abb023014666dcf06a5325c47a0049 | Triage

Sharing

General

Target

dbe5e4c1df40c4b6e4e0107a59824fc099abb023014666dcf06a5325c47a0049
Size

160KB
Sample

221203-v6mkpsbb59
MD5

93890e6894dd7ccc8f0bad1cd9775a0a
SHA1

2626f5be581ea9578eb644750b9b28d735baa92a
SHA256

dbe5e4c1df40c4b6e4e0107a59824fc099abb023014666dcf06a5325c47a0049
SHA512

170d810d5f4a16ec6095d697e9718aade2b31582e4eaffc2c0ec8ea9e09413e277c286ea34bd30b08be73278d792b575681a993d22014c9edc1141a87824ff63
SSDEEP

3072:jofpVwLoZZVMrawVeoDrxmcRJ4Cl2w8/cF:jCpSmJw79RJ4ClsC

Score

8^/10

Malware Config

Targets

- Target
  
  dbe5e4c1df40c4b6e4e0107a59824fc099abb023014666dcf06a5325c47a0049
- Size
  
  160KB
- MD5
  
  93890e6894dd7ccc8f0bad1cd9775a0a
- SHA1
  
  2626f5be581ea9578eb644750b9b28d735baa92a
- SHA256
  
  dbe5e4c1df40c4b6e4e0107a59824fc099abb023014666dcf06a5325c47a0049
- SHA512
  
  170d810d5f4a16ec6095d697e9718aade2b31582e4eaffc2c0ec8ea9e09413e277c286ea34bd30b08be73278d792b575681a993d22014c9edc1141a87824ff63
- SSDEEP
  
  3072:jofpVwLoZZVMrawVeoDrxmcRJ4Cl2w8/cF:jCpSmJw79RJ4ClsC
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2