788aee2dad3b746782d1ff33fcdb6531cce3b6444dac830284f50be3bb57848c | Triage

Sharing

General

Target

788aee2dad3b746782d1ff33fcdb6531cce3b6444dac830284f50be3bb57848c
Size

322KB
Sample

221205-v77bhabb98
MD5

d59728258539e9384e12595e1d60d700
SHA1

fbcf27ce6ef7666e7b61418441ba39323c6ba0ef
SHA256

788aee2dad3b746782d1ff33fcdb6531cce3b6444dac830284f50be3bb57848c
SHA512

7d7469490141888c81959b39dc33d172064b778f11e2878d2ee080f9f4eec655ba8895538e462a20bae3f7dd43f871038b88796fbcf6c96f4625ec9e919612ef
SSDEEP

6144:0ME1nmg1tDbJ5621YNA+APDCdRweVLjVqKkm7YQHyRV/1B31hvtGHSWtDUO:9gnJcdRweVLjV7YQI7lhvtGHtt

Score

8^/10

Malware Config

Targets

- Target
  
  788aee2dad3b746782d1ff33fcdb6531cce3b6444dac830284f50be3bb57848c
- Size
  
  322KB
- MD5
  
  d59728258539e9384e12595e1d60d700
- SHA1
  
  fbcf27ce6ef7666e7b61418441ba39323c6ba0ef
- SHA256
  
  788aee2dad3b746782d1ff33fcdb6531cce3b6444dac830284f50be3bb57848c
- SHA512
  
  7d7469490141888c81959b39dc33d172064b778f11e2878d2ee080f9f4eec655ba8895538e462a20bae3f7dd43f871038b88796fbcf6c96f4625ec9e919612ef
- SSDEEP
  
  6144:0ME1nmg1tDbJ5621YNA+APDCdRweVLjVqKkm7YQHyRV/1B31hvtGHSWtDUO:9gnJcdRweVLjV7YQI7lhvtGHtt
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2