b0230adfe82c49b5dfe24e5f7f1d60446d2a195aa33c4dfbfbfadc85b5e80a68 | Triage

Sharing

General

Target

b0230adfe82c49b5dfe24e5f7f1d60446d2a195aa33c4dfbfbfadc85b5e80a68
Size

186KB
Sample

221204-ekbcjsaa5z
MD5

5b1bf85bff151648346fa5b17f443027
SHA1

963988329d62e4f851b8022f89f690ac56455fca
SHA256

b0230adfe82c49b5dfe24e5f7f1d60446d2a195aa33c4dfbfbfadc85b5e80a68
SHA512

e6b164aa82b814f9457c7d004ebb7c6ca0149b323ba109c0c96b87315371710ef816c5d31769c3257f2f1fe58a583ee4d1682a58444867b91af330626a5c7ca9
SSDEEP

3072:qX7DItrfaocyTgfsqQOlJT1C7Pore1JZmByfjfJgqjb21bDJOQDCp8ntV:qsaocyLCTg7ArEZmQfb+qjb21bDkQG+n

Score

8^/10

Malware Config

Targets

- Target
  
  b0230adfe82c49b5dfe24e5f7f1d60446d2a195aa33c4dfbfbfadc85b5e80a68
- Size
  
  186KB
- MD5
  
  5b1bf85bff151648346fa5b17f443027
- SHA1
  
  963988329d62e4f851b8022f89f690ac56455fca
- SHA256
  
  b0230adfe82c49b5dfe24e5f7f1d60446d2a195aa33c4dfbfbfadc85b5e80a68
- SHA512
  
  e6b164aa82b814f9457c7d004ebb7c6ca0149b323ba109c0c96b87315371710ef816c5d31769c3257f2f1fe58a583ee4d1682a58444867b91af330626a5c7ca9
- SSDEEP
  
  3072:qX7DItrfaocyTgfsqQOlJT1C7Pore1JZmByfjfJgqjb21bDJOQDCp8ntV:qsaocyLCTg7ArEZmQfb+qjb21bDkQG+n
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2