fb88bf1b48420d985dfeee2462af709e7173cbf6a7227a36220ff822d4d7b579 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb88bf1b48420d985dfeee2462af709e7173cbf6a7227a36220ff822d4d7b579
Size

965KB
Sample

221204-ecpj7shd3w
MD5

927c42ce51b7b2b1903270f8ee5acf57
SHA1

e04cc3f832c86d58b7d467db7c5d3a27b0cdc089
SHA256

fb88bf1b48420d985dfeee2462af709e7173cbf6a7227a36220ff822d4d7b579
SHA512

27ff52228b637efd71f0f0d1709170a8877a18a71fc545ab8ac8e2871c3b5ff1393d8093806db10b4e8485e975cb84d5300b5e9e41bbe2c479bc10ecf10ac9cf
SSDEEP

6144:cpCZbMPOxR8g91EoDZbMPOxR8yaZbMPOxR8IW62raFR8IMPO9I8y:ztt91EoVtrmthW6Ya59e

Score

8^/10

Malware Config

Targets

- Target
  
  fb88bf1b48420d985dfeee2462af709e7173cbf6a7227a36220ff822d4d7b579
- Size
  
  965KB
- MD5
  
  927c42ce51b7b2b1903270f8ee5acf57
- SHA1
  
  e04cc3f832c86d58b7d467db7c5d3a27b0cdc089
- SHA256
  
  fb88bf1b48420d985dfeee2462af709e7173cbf6a7227a36220ff822d4d7b579
- SHA512
  
  27ff52228b637efd71f0f0d1709170a8877a18a71fc545ab8ac8e2871c3b5ff1393d8093806db10b4e8485e975cb84d5300b5e9e41bbe2c479bc10ecf10ac9cf
- SSDEEP
  
  6144:cpCZbMPOxR8g91EoDZbMPOxR8yaZbMPOxR8IW62raFR8IMPO9I8y:ztt91EoVtrmthW6Ya59e
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2