6bde7cc72b32fe3c972eb50a8b3dfb372b54d04dd42cd8115ee7eb678d91d330 | Triage

Sharing

General

Target

6bde7cc72b32fe3c972eb50a8b3dfb372b54d04dd42cd8115ee7eb678d91d330
Size

114KB
Sample

221205-1dvnhahe77
MD5

09945d835a49e69aa6b0c12913f0176e
SHA1

df15b07e32658a9b54f6644cae201618e36e3fe0
SHA256

6bde7cc72b32fe3c972eb50a8b3dfb372b54d04dd42cd8115ee7eb678d91d330
SHA512

2b512d540beddc9385e383e04f442b78f50d769003a9c744c1feafc9443b5c8b2a44636a2c974fb16184cc51f0788134b0ebbfb6fca159ff3ace5935c95e9b8b
SSDEEP

1536:Cr7QvQt3WpOck/R3Xz0z2arhTRifCFTuARVpgM+Wf3VkPVfT48Jnit4dXJlVit5y:Cz+92mhTMMJ/cPiq5bViX5kYi2YSc

Score

8^/10

Malware Config

Targets

- Target
  
  6bde7cc72b32fe3c972eb50a8b3dfb372b54d04dd42cd8115ee7eb678d91d330
- Size
  
  114KB
- MD5
  
  09945d835a49e69aa6b0c12913f0176e
- SHA1
  
  df15b07e32658a9b54f6644cae201618e36e3fe0
- SHA256
  
  6bde7cc72b32fe3c972eb50a8b3dfb372b54d04dd42cd8115ee7eb678d91d330
- SHA512
  
  2b512d540beddc9385e383e04f442b78f50d769003a9c744c1feafc9443b5c8b2a44636a2c974fb16184cc51f0788134b0ebbfb6fca159ff3ace5935c95e9b8b
- SSDEEP
  
  1536:Cr7QvQt3WpOck/R3Xz0z2arhTRifCFTuARVpgM+Wf3VkPVfT48Jnit4dXJlVit5y:Cz+92mhTMMJ/cPiq5bViX5kYi2YSc
Score

8^/10
- Drops file in Drivers directory
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2