8f226fb77fa1a0e61066c2faf5da7f0714653db997d2bd9123e630fa5476c62b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f226fb77fa1a0e61066c2faf5da7f0714653db997d2bd9123e630fa5476c62b
Size

2.3MB
Sample

221204-rb643sac9v
MD5

8c78d185cc5708794e8f9ca49ebe91f0
SHA1

f568f1785358f1ae85c16652d740bc69c4cca596
SHA256

8f226fb77fa1a0e61066c2faf5da7f0714653db997d2bd9123e630fa5476c62b
SHA512

8837d389051861de1eb887942d1f5e5ee7b427ee6c469d41422449fe184c805709f4b2a9464ee3659876763bb51c3784f896eec9d9931603f77ca305cc821ee9
SSDEEP

49152:D85W11HiF5F+BhvwTn9cU5fICbO3y49qmXmPEDOP7df9:m02mnqn9lmT8m2WOPp9

Score

8^/10

Malware Config

Targets

- Target
  
  8f226fb77fa1a0e61066c2faf5da7f0714653db997d2bd9123e630fa5476c62b
- Size
  
  2.3MB
- MD5
  
  8c78d185cc5708794e8f9ca49ebe91f0
- SHA1
  
  f568f1785358f1ae85c16652d740bc69c4cca596
- SHA256
  
  8f226fb77fa1a0e61066c2faf5da7f0714653db997d2bd9123e630fa5476c62b
- SHA512
  
  8837d389051861de1eb887942d1f5e5ee7b427ee6c469d41422449fe184c805709f4b2a9464ee3659876763bb51c3784f896eec9d9931603f77ca305cc821ee9
- SSDEEP
  
  49152:D85W11HiF5F+BhvwTn9cU5fICbO3y49qmXmPEDOP7df9:m02mnqn9lmT8m2WOPp9
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2