86610083e33958dba694ae5ea6609c0e716f034ebb459427813332658a07d237 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86610083e33958dba694ae5ea6609c0e716f034ebb459427813332658a07d237
Size

274KB
Sample

221205-tzj1kafg78
MD5

b9b8522d970ff0916acbb630e3724420
SHA1

93c6a6d1786705def316601a96eb65b79be669f4
SHA256

86610083e33958dba694ae5ea6609c0e716f034ebb459427813332658a07d237
SHA512

4cba8053ef4a40d92b0e4191601529f3bf4c4cd7984cab375e822d2077f14252b7364fbe6b1c852570c5b8f45bd9bb2bf5d3ff9ed448f76e9f7fdf2263db7094
SSDEEP

6144:gsaocyLCecZHkyBKOdS9/x2XuOTprdNnfzLGFD5UKF5J:gtobUkgslGph+FDnTJ

Score

8^/10

Malware Config

Targets

- Target
  
  86610083e33958dba694ae5ea6609c0e716f034ebb459427813332658a07d237
- Size
  
  274KB
- MD5
  
  b9b8522d970ff0916acbb630e3724420
- SHA1
  
  93c6a6d1786705def316601a96eb65b79be669f4
- SHA256
  
  86610083e33958dba694ae5ea6609c0e716f034ebb459427813332658a07d237
- SHA512
  
  4cba8053ef4a40d92b0e4191601529f3bf4c4cd7984cab375e822d2077f14252b7364fbe6b1c852570c5b8f45bd9bb2bf5d3ff9ed448f76e9f7fdf2263db7094
- SSDEEP
  
  6144:gsaocyLCecZHkyBKOdS9/x2XuOTprdNnfzLGFD5UKF5J:gtobUkgslGph+FDnTJ
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2