a35a62487dc077c4e57e39473fdf4cf7b6f345f95a3501aa680561e276826201 | Triage

Sharing

General

Target

a35a62487dc077c4e57e39473fdf4cf7b6f345f95a3501aa680561e276826201
Size

2.7MB
Sample

221205-vpfe3ach4x
MD5

68538d75b2771ba5bfdaf66853fcdd60
SHA1

adfb6fc46ca46d0e157079a0d7b76dbdfc3a3c10
SHA256

a35a62487dc077c4e57e39473fdf4cf7b6f345f95a3501aa680561e276826201
SHA512

9d1286efbc35d1dcfda6a96d9976f3efcf1fb312dd6ba2f28840f930834ec691898b3f0f51750a62828015710351331bf1104dfa5ae194e48191b3b1d02c31ea
SSDEEP

49152:oJy796EvMtTx435MtV+O14pWPMPdEAnPc5aIgqINUB+EuWi0+CSqvVBI1rw:d7AEvgVOI4QPc6dIcRsoZ

Score

8^/10

Malware Config

Targets

- Target
  
  a35a62487dc077c4e57e39473fdf4cf7b6f345f95a3501aa680561e276826201
- Size
  
  2.7MB
- MD5
  
  68538d75b2771ba5bfdaf66853fcdd60
- SHA1
  
  adfb6fc46ca46d0e157079a0d7b76dbdfc3a3c10
- SHA256
  
  a35a62487dc077c4e57e39473fdf4cf7b6f345f95a3501aa680561e276826201
- SHA512
  
  9d1286efbc35d1dcfda6a96d9976f3efcf1fb312dd6ba2f28840f930834ec691898b3f0f51750a62828015710351331bf1104dfa5ae194e48191b3b1d02c31ea
- SSDEEP
  
  49152:oJy796EvMtTx435MtV+O14pWPMPdEAnPc5aIgqINUB+EuWi0+CSqvVBI1rw:d7AEvgVOI4QPc6dIcRsoZ
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2