f39bad0d1a08e86970f31a9f08dd26db53394b394f0d9e30f11645ea27abd57d | Triage

Sharing

General

Target

f39bad0d1a08e86970f31a9f08dd26db53394b394f0d9e30f11645ea27abd57d
Size

32KB
Sample

221204-bddybagf5z
MD5

0955e6d7605a33f8ade579b346482c70
SHA1

f61ae645a5c6e2b283fd539793eb2afd90edc074
SHA256

f39bad0d1a08e86970f31a9f08dd26db53394b394f0d9e30f11645ea27abd57d
SHA512

33732453d6bcf7618ce5c2f9612b93240ba29e35d97f4fb97c8f3aac88cd64f9ce7e96c7031c1c7fa493f3b02f6c73bfeb1f3ca402e6a726dc073ff7246ea026
SSDEEP

768:2ASaMFGSLPKrZfbAW4wo6Dd3iqGXH5iJBvveB/8UNU:2AcFGSLPKrZfbARwo6R3iqGpIBeKUNU

Score

8^/10

Malware Config

Targets

- Target
  
  f39bad0d1a08e86970f31a9f08dd26db53394b394f0d9e30f11645ea27abd57d
- Size
  
  32KB
- MD5
  
  0955e6d7605a33f8ade579b346482c70
- SHA1
  
  f61ae645a5c6e2b283fd539793eb2afd90edc074
- SHA256
  
  f39bad0d1a08e86970f31a9f08dd26db53394b394f0d9e30f11645ea27abd57d
- SHA512
  
  33732453d6bcf7618ce5c2f9612b93240ba29e35d97f4fb97c8f3aac88cd64f9ce7e96c7031c1c7fa493f3b02f6c73bfeb1f3ca402e6a726dc073ff7246ea026
- SSDEEP
  
  768:2ASaMFGSLPKrZfbAW4wo6Dd3iqGXH5iJBvveB/8UNU:2AcFGSLPKrZfbARwo6R3iqGpIBeKUNU
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2