9acafa6bfc13f44ed33be6f04660c90d40b112096f0c47997d93b2397e5f0346 | Triage

Sharing

General

Target

9acafa6bfc13f44ed33be6f04660c90d40b112096f0c47997d93b2397e5f0346
Size

21KB
Sample

221205-ngr1kaea39
MD5

b5f13f1f48418c4543dafcdffa80bfd8
SHA1

970d7158bbd85ac3dc19bb227eb57fabb774532a
SHA256

9acafa6bfc13f44ed33be6f04660c90d40b112096f0c47997d93b2397e5f0346
SHA512

6bf352e2484a256a0d0d2f25c4be68798aafa9ac321a5c22dd0ee171f8382c18e5c593fe305e519dcf52221d28f95e20d5d8e147ff6a880785ab425d91d43d6d
SSDEEP

384:AjH2HJQdV0PyCVcCm23Y54RbwYbUhPbtET/+u:IWpQauhSbUhY//

Score

8^/10

Malware Config

Targets

- Target
  
  9acafa6bfc13f44ed33be6f04660c90d40b112096f0c47997d93b2397e5f0346
- Size
  
  21KB
- MD5
  
  b5f13f1f48418c4543dafcdffa80bfd8
- SHA1
  
  970d7158bbd85ac3dc19bb227eb57fabb774532a
- SHA256
  
  9acafa6bfc13f44ed33be6f04660c90d40b112096f0c47997d93b2397e5f0346
- SHA512
  
  6bf352e2484a256a0d0d2f25c4be68798aafa9ac321a5c22dd0ee171f8382c18e5c593fe305e519dcf52221d28f95e20d5d8e147ff6a880785ab425d91d43d6d
- SSDEEP
  
  384:AjH2HJQdV0PyCVcCm23Y54RbwYbUhPbtET/+u:IWpQauhSbUhY//
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2