d70ef0a55f97694f89628a5c895914d2458ffbf824ba0e14d6b8d6885b7622c7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d70ef0a55f97694f89628a5c895914d2458ffbf824ba0e14d6b8d6885b7622c7
Size

32KB
Sample

221204-dgtt2sba98
MD5

b03db419f575a0e4b297ae5495cb0ecb
SHA1

f59f01e9d6898dd15f3836005bb7bf7472b4779d
SHA256

d70ef0a55f97694f89628a5c895914d2458ffbf824ba0e14d6b8d6885b7622c7
SHA512

9e30e6a16ed97129a47fa1e77d6a1fe1dc07d57e6180f55e2f6b88cd4849bfe2d450df90e0b7f7f30bc8ca40b04d4aa154d14a8746d86808bf65201f5307f9fc
SSDEEP

768:mzQL/qXL7g5AQRBIFGEjvM0WtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZsBGW1:mUL/o7EjR2I0WtdgI2MyzNORQtOflIwT

Score

8^/10

Malware Config

Targets

- Target
  
  d70ef0a55f97694f89628a5c895914d2458ffbf824ba0e14d6b8d6885b7622c7
- Size
  
  32KB
- MD5
  
  b03db419f575a0e4b297ae5495cb0ecb
- SHA1
  
  f59f01e9d6898dd15f3836005bb7bf7472b4779d
- SHA256
  
  d70ef0a55f97694f89628a5c895914d2458ffbf824ba0e14d6b8d6885b7622c7
- SHA512
  
  9e30e6a16ed97129a47fa1e77d6a1fe1dc07d57e6180f55e2f6b88cd4849bfe2d450df90e0b7f7f30bc8ca40b04d4aa154d14a8746d86808bf65201f5307f9fc
- SSDEEP
  
  768:mzQL/qXL7g5AQRBIFGEjvM0WtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZsBGW1:mUL/o7EjR2I0WtdgI2MyzNORQtOflIwT
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2