d5658d17709d4ec1f839d2c6faabc2321cb2fa59c290f3b053bfd6fbcc5e1a56 | Triage

Sharing

General

Target

d5658d17709d4ec1f839d2c6faabc2321cb2fa59c290f3b053bfd6fbcc5e1a56
Size

54KB
Sample

221204-c4gybsaa63
MD5

b047aa40129dc10333cf02d9935db56b
SHA1

eaefbe8544b5606bb68dd46f328d806563f0461e
SHA256

d5658d17709d4ec1f839d2c6faabc2321cb2fa59c290f3b053bfd6fbcc5e1a56
SHA512

239686a964b2f4ee5c6ca6b533cca9aa0a00e34baf22f47a4b03a441293a16b34af24756cc9cb30fe0c2346f7930445c1525ae38647f57f43367fc149b2f6b37
SSDEEP

384:aIQwN/ZxDnD90Ypw76YLC9rFA7DiJMkiAnt9+iI/l7Lum:bjN/3Oj7FC9rFK2Aot9+io9um

Score

8^/10

Malware Config

Targets

- Target
  
  d5658d17709d4ec1f839d2c6faabc2321cb2fa59c290f3b053bfd6fbcc5e1a56
- Size
  
  54KB
- MD5
  
  b047aa40129dc10333cf02d9935db56b
- SHA1
  
  eaefbe8544b5606bb68dd46f328d806563f0461e
- SHA256
  
  d5658d17709d4ec1f839d2c6faabc2321cb2fa59c290f3b053bfd6fbcc5e1a56
- SHA512
  
  239686a964b2f4ee5c6ca6b533cca9aa0a00e34baf22f47a4b03a441293a16b34af24756cc9cb30fe0c2346f7930445c1525ae38647f57f43367fc149b2f6b37
- SSDEEP
  
  384:aIQwN/ZxDnD90Ypw76YLC9rFA7DiJMkiAnt9+iI/l7Lum:bjN/3Oj7FC9rFK2Aot9+io9um
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2