ac10542bf451cdf6be212398546ede927e0bdb628b22e6e774fef3c2a3d0abe6 | Triage

Sharing

General

Target

ac10542bf451cdf6be212398546ede927e0bdb628b22e6e774fef3c2a3d0abe6
Size

153KB
Sample

221205-la2kbaaf2s
MD5

88034087b4e9678846bc64b34128f020
SHA1

935ee25e1d746c891277fbaf4e6f3cbbedb28d2e
SHA256

ac10542bf451cdf6be212398546ede927e0bdb628b22e6e774fef3c2a3d0abe6
SHA512

43e055f251d39915836828c7c3f36efbe1dfa4eb62ae5d993dee5377dfbbaf826278972960d630609bf333147a229d12e5321df792d1ba67a1e1663572dc70c9
SSDEEP

3072:PQHbkEVizHGn9HV6HutTBfAUOjLx6CidbkoFvFtyySyUnXgsQG:PQHbkEVizHGn9HAHutTB7O04olT/SyUH

Score

8^/10

Malware Config

Targets

- Target
  
  ac10542bf451cdf6be212398546ede927e0bdb628b22e6e774fef3c2a3d0abe6
- Size
  
  153KB
- MD5
  
  88034087b4e9678846bc64b34128f020
- SHA1
  
  935ee25e1d746c891277fbaf4e6f3cbbedb28d2e
- SHA256
  
  ac10542bf451cdf6be212398546ede927e0bdb628b22e6e774fef3c2a3d0abe6
- SHA512
  
  43e055f251d39915836828c7c3f36efbe1dfa4eb62ae5d993dee5377dfbbaf826278972960d630609bf333147a229d12e5321df792d1ba67a1e1663572dc70c9
- SSDEEP
  
  3072:PQHbkEVizHGn9HV6HutTBfAUOjLx6CidbkoFvFtyySyUnXgsQG:PQHbkEVizHGn9HAHutTB7O04olT/SyUH
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2