83f1167877e2dd5e3e110acadde1109518926a5db622f2bc5e7192126abe9838 | Triage

Sharing

General

Target

83f1167877e2dd5e3e110acadde1109518926a5db622f2bc5e7192126abe9838
Size

2.6MB
Sample

221203-xc563aad2w
MD5

8f30495351188a6fdd3da179691e6a97
SHA1

dfbfb496f2f7662eea3c9d88e398995864449c0f
SHA256

83f1167877e2dd5e3e110acadde1109518926a5db622f2bc5e7192126abe9838
SHA512

68fce63f11ca17872944732fa1ef19ab056b87fd018affb4902477d3cc0f873dc0a28a22f5b693779a425b118bf581fa60e78bfbc879f7814d2164cd5afdd9cb
SSDEEP

49152:puiDR7ztcKayMNSe6jgzcbQb1Yj4qtEhxDEC/POVpa9L/ZXk9Dea7c6qmub:pR5payMNSXA76Jqx//2K9L0yaQTmub

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  83f1167877e2dd5e3e110acadde1109518926a5db622f2bc5e7192126abe9838
- Size
  
  2.6MB
- MD5
  
  8f30495351188a6fdd3da179691e6a97
- SHA1
  
  dfbfb496f2f7662eea3c9d88e398995864449c0f
- SHA256
  
  83f1167877e2dd5e3e110acadde1109518926a5db622f2bc5e7192126abe9838
- SHA512
  
  68fce63f11ca17872944732fa1ef19ab056b87fd018affb4902477d3cc0f873dc0a28a22f5b693779a425b118bf581fa60e78bfbc879f7814d2164cd5afdd9cb
- SSDEEP
  
  49152:puiDR7ztcKayMNSe6jgzcbQb1Yj4qtEhxDEC/POVpa9L/ZXk9Dea7c6qmub:pR5payMNSXA76Jqx//2K9L0yaQTmub
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2