f8fa7ed7d4114746aa6df182f4442f192329d788635de37ef7679bd31bc09c0c | Triage

Sharing

General

Target

f8fa7ed7d4114746aa6df182f4442f192329d788635de37ef7679bd31bc09c0c
Size

542KB
Sample

221205-t8xm1sbg2v
MD5

0e3af8520b4d7737f759c9a70b8f7e75
SHA1

613bb28a2d8460368accf27323191b49ae0ae40e
SHA256

f8fa7ed7d4114746aa6df182f4442f192329d788635de37ef7679bd31bc09c0c
SHA512

6b9fa9b561fb9ad1be0aed80db208986a259a67b4232d8f19243aa9319fb2af94735df9484c9619fbb1471a829b5a264e176cdcad1ac43b9666ffb381c29ddf5
SSDEEP

6144:skQdh1gQZpdi1gSaF2vL1V22NTlaHj+LIayFlbw3uwSJogne7NPyF8OmFbJ:s51JZpZS2uV2Ql0jQIzIQJrn0yFc

Score

8^/10

Malware Config

Targets

- Target
  
  f8fa7ed7d4114746aa6df182f4442f192329d788635de37ef7679bd31bc09c0c
- Size
  
  542KB
- MD5
  
  0e3af8520b4d7737f759c9a70b8f7e75
- SHA1
  
  613bb28a2d8460368accf27323191b49ae0ae40e
- SHA256
  
  f8fa7ed7d4114746aa6df182f4442f192329d788635de37ef7679bd31bc09c0c
- SHA512
  
  6b9fa9b561fb9ad1be0aed80db208986a259a67b4232d8f19243aa9319fb2af94735df9484c9619fbb1471a829b5a264e176cdcad1ac43b9666ffb381c29ddf5
- SSDEEP
  
  6144:skQdh1gQZpdi1gSaF2vL1V22NTlaHj+LIayFlbw3uwSJogne7NPyF8OmFbJ:s51JZpZS2uV2Ql0jQIzIQJrn0yFc
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2