a85e5c38990fb64d3a0d245a6d6034cc4a0a4eaac6b715c35c12c7e93cd7f938 | Triage

Sharing

General

Target

a85e5c38990fb64d3a0d245a6d6034cc4a0a4eaac6b715c35c12c7e93cd7f938
Size

273KB
Sample

221205-jxsvksae67
MD5

10a390602afad9926028116607ac094a
SHA1

1b4e2dcf1fbcf29e16a24eecabde41c479fc8401
SHA256

a85e5c38990fb64d3a0d245a6d6034cc4a0a4eaac6b715c35c12c7e93cd7f938
SHA512

239f744457d45b99495ce14b4010151b87ae049f610275a600ffb906a1e5311c5211c7a625ba804ffc850fbe261e329a751ab343d614bcdcd7305d67fe922e59
SSDEEP

6144:SME1nmg1tDbJ5621YNMy3JwudRO2ojd+7xrTKQ1W+8kiMvR14uoYj:jgnJJudUy7xXKHFtMz4V+

Score

8^/10

Malware Config

Targets

- Target
  
  a85e5c38990fb64d3a0d245a6d6034cc4a0a4eaac6b715c35c12c7e93cd7f938
- Size
  
  273KB
- MD5
  
  10a390602afad9926028116607ac094a
- SHA1
  
  1b4e2dcf1fbcf29e16a24eecabde41c479fc8401
- SHA256
  
  a85e5c38990fb64d3a0d245a6d6034cc4a0a4eaac6b715c35c12c7e93cd7f938
- SHA512
  
  239f744457d45b99495ce14b4010151b87ae049f610275a600ffb906a1e5311c5211c7a625ba804ffc850fbe261e329a751ab343d614bcdcd7305d67fe922e59
- SSDEEP
  
  6144:SME1nmg1tDbJ5621YNMy3JwudRO2ojd+7xrTKQ1W+8kiMvR14uoYj:jgnJJudUy7xXKHFtMz4V+
Score

8^/10
- Drops file in Drivers directory
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2