97019b3f22e843f71b5bd90df618a22c85410626de152ca0bcd690f8df27fa34 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97019b3f22e843f71b5bd90df618a22c85410626de152ca0bcd690f8df27fa34
Size

772KB
Sample

221205-nz8e9sfh67
MD5

483e6256fa77f7d99d0b78f9ed8a81db
SHA1

e52d6c71d7ff0897c477be862c6268d1957ed15d
SHA256

97019b3f22e843f71b5bd90df618a22c85410626de152ca0bcd690f8df27fa34
SHA512

37eebccd8e993630a6af7369e57180db155253a85de47dfd6812bb7dde196ff4c5ff7bdbec53415dc662cdd79e1d71b85fb6a958d1b566b247724106794cebdc
SSDEEP

6144:Rhb5oqpMUyN+OukephOMa3fmWD5717akmdvfdlVZPJAVgys7X+Qi9jOI:RJ9yN+Oukn7mWD57wbvPPuRsLS9jn

Score

8^/10

Malware Config

Targets

- Target
  
  97019b3f22e843f71b5bd90df618a22c85410626de152ca0bcd690f8df27fa34
- Size
  
  772KB
- MD5
  
  483e6256fa77f7d99d0b78f9ed8a81db
- SHA1
  
  e52d6c71d7ff0897c477be862c6268d1957ed15d
- SHA256
  
  97019b3f22e843f71b5bd90df618a22c85410626de152ca0bcd690f8df27fa34
- SHA512
  
  37eebccd8e993630a6af7369e57180db155253a85de47dfd6812bb7dde196ff4c5ff7bdbec53415dc662cdd79e1d71b85fb6a958d1b566b247724106794cebdc
- SSDEEP
  
  6144:Rhb5oqpMUyN+OukephOMa3fmWD5717akmdvfdlVZPJAVgys7X+Qi9jOI:RJ9yN+Oukn7mWD57wbvPPuRsLS9jn
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2