a8c93d94cc7764d4162a7e9c8ea7087ddd7e87576c435cbe07636d6c95243eb2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a8c93d94cc7764d4162a7e9c8ea7087ddd7e87576c435cbe07636d6c95243eb2
Size

196KB
Sample

221203-zhnkbade46
MD5

355dcffbb72b65779abc89571894f790
SHA1

b40f86d29f07167a38499c9efa70974b1c49c008
SHA256

a8c93d94cc7764d4162a7e9c8ea7087ddd7e87576c435cbe07636d6c95243eb2
SHA512

b2be35d7707d5aff2c3dff9f2e41a2f5ecd234a49e7f83a224c49f0afc98e94170131dd92d8205ffc32feceede62c64bc9111729c4b8f88516e9dae6b61946a1
SSDEEP

1536:ZZ/fgkAqJlV+n1EgGHo7P1YPx28VmyonpsP:Z1gkZl0nt/P1YPxDonI

Score

8^/10

Malware Config

Targets

- Target
  
  a8c93d94cc7764d4162a7e9c8ea7087ddd7e87576c435cbe07636d6c95243eb2
- Size
  
  196KB
- MD5
  
  355dcffbb72b65779abc89571894f790
- SHA1
  
  b40f86d29f07167a38499c9efa70974b1c49c008
- SHA256
  
  a8c93d94cc7764d4162a7e9c8ea7087ddd7e87576c435cbe07636d6c95243eb2
- SHA512
  
  b2be35d7707d5aff2c3dff9f2e41a2f5ecd234a49e7f83a224c49f0afc98e94170131dd92d8205ffc32feceede62c64bc9111729c4b8f88516e9dae6b61946a1
- SSDEEP
  
  1536:ZZ/fgkAqJlV+n1EgGHo7P1YPx28VmyonpsP:Z1gkZl0nt/P1YPxDonI
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2