72cbaf9fb51a93091544ffd03372050e16b4d437f24d0aab72fd5aa3151dc391 | Triage

Sharing

General

Target

72cbaf9fb51a93091544ffd03372050e16b4d437f24d0aab72fd5aa3151dc391
Size

200KB
Sample

221204-rk8dhabb6y
MD5

0333036a787a435a71d753f2220cd870
SHA1

e519885cbb032af9950a2f3f4834931a89ac2ba3
SHA256

72cbaf9fb51a93091544ffd03372050e16b4d437f24d0aab72fd5aa3151dc391
SHA512

1ac90e133464b2fb25e8f7e8172adf3f09b24099d223c92d7322c3c6c7e0ee0969ef92a9241722db378193229f6c4c299d1b0e030bdf51ebcfa6609bea28ac32
SSDEEP

3072:CVv/S13y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmSNS4SQSsSx:S/S13yGFInRO

Score

8^/10

Malware Config

Targets

- Target
  
  72cbaf9fb51a93091544ffd03372050e16b4d437f24d0aab72fd5aa3151dc391
- Size
  
  200KB
- MD5
  
  0333036a787a435a71d753f2220cd870
- SHA1
  
  e519885cbb032af9950a2f3f4834931a89ac2ba3
- SHA256
  
  72cbaf9fb51a93091544ffd03372050e16b4d437f24d0aab72fd5aa3151dc391
- SHA512
  
  1ac90e133464b2fb25e8f7e8172adf3f09b24099d223c92d7322c3c6c7e0ee0969ef92a9241722db378193229f6c4c299d1b0e030bdf51ebcfa6609bea28ac32
- SSDEEP
  
  3072:CVv/S13y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmSNS4SQSsSx:S/S13yGFInRO
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2