33be21eb29fbca425fc8d64d2556c632f4789cfd0911261e8301d20470125875 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33be21eb29fbca425fc8d64d2556c632f4789cfd0911261e8301d20470125875
Size

32KB
Sample

221204-bdfrxach85
MD5

527c811896db2137ce409a81bcea2a70
SHA1

07f1eeae8d997c7b32656e06ad8c4fdc3a8eaae2
SHA256

33be21eb29fbca425fc8d64d2556c632f4789cfd0911261e8301d20470125875
SHA512

ba1f32210cf99cb96c84fc94e9cb821772fe4bb5c60b804357616149efa3602c46693c9d9c33752f876d63deae1706bf98b97e3e1f64ee2eb465e664f406c733
SSDEEP

768:hASaMFGSLPKrZfbAW4wo6Dd3iqGXH5iFXSaAY:hAcFGSLPKrZfbARwo6R3iqGpiSa5

Score

8^/10

Malware Config

Targets

- Target
  
  33be21eb29fbca425fc8d64d2556c632f4789cfd0911261e8301d20470125875
- Size
  
  32KB
- MD5
  
  527c811896db2137ce409a81bcea2a70
- SHA1
  
  07f1eeae8d997c7b32656e06ad8c4fdc3a8eaae2
- SHA256
  
  33be21eb29fbca425fc8d64d2556c632f4789cfd0911261e8301d20470125875
- SHA512
  
  ba1f32210cf99cb96c84fc94e9cb821772fe4bb5c60b804357616149efa3602c46693c9d9c33752f876d63deae1706bf98b97e3e1f64ee2eb465e664f406c733
- SSDEEP
  
  768:hASaMFGSLPKrZfbAW4wo6Dd3iqGXH5iFXSaAY:hAcFGSLPKrZfbARwo6R3iqGpiSa5
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2