afcce4a5e267b30ac77172e2aaf53d1137e08aeca0e91db697c6299c64e71734 | Triage

Sharing

General

Target

afcce4a5e267b30ac77172e2aaf53d1137e08aeca0e91db697c6299c64e71734
Size

126KB
Sample

221204-jxye3aah48
MD5

a3f801a47cf233092211ed1b58d9a4ff
SHA1

e7e08b8af0ea72ce3bdc998cb731552bd2ad3f2e
SHA256

afcce4a5e267b30ac77172e2aaf53d1137e08aeca0e91db697c6299c64e71734
SHA512

134f7b81be95060fcccd47c1713ab623234f5e88a870f582206f8b91d697fb6addd4b796a2981bd072c9a70abd9fee65f735c69bf7757566a029d18fd45b0822
SSDEEP

3072:vcINEMu9CzG7jb+Wd0W/FpcBLQYUGEL5ai8avu:e/yGD+1upcBLQBvKavu

Score

8^/10

Malware Config

Targets

- Target
  
  afcce4a5e267b30ac77172e2aaf53d1137e08aeca0e91db697c6299c64e71734
- Size
  
  126KB
- MD5
  
  a3f801a47cf233092211ed1b58d9a4ff
- SHA1
  
  e7e08b8af0ea72ce3bdc998cb731552bd2ad3f2e
- SHA256
  
  afcce4a5e267b30ac77172e2aaf53d1137e08aeca0e91db697c6299c64e71734
- SHA512
  
  134f7b81be95060fcccd47c1713ab623234f5e88a870f582206f8b91d697fb6addd4b796a2981bd072c9a70abd9fee65f735c69bf7757566a029d18fd45b0822
- SSDEEP
  
  3072:vcINEMu9CzG7jb+Wd0W/FpcBLQYUGEL5ai8avu:e/yGD+1upcBLQBvKavu
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2