ae7f51c7e77fbbe7ee8d9af66b5268ae630f0f9197cf68a47824ac313ed563fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae7f51c7e77fbbe7ee8d9af66b5268ae630f0f9197cf68a47824ac313ed563fc
Size

140KB
Sample

221205-w78p1aed43
MD5

0d50038c32dea260d5a809dd7ebaf6e6
SHA1

d6bd5abbf40fe42d2ee42372d1e4ed0437b5279a
SHA256

ae7f51c7e77fbbe7ee8d9af66b5268ae630f0f9197cf68a47824ac313ed563fc
SHA512

d6214dd251f198c86478e2c79d98d1cff7bfd14eea6bd616f408fa53a13e52c096dee780b738a81cc27aa184b9ad316e27d9b332deacfd688e075c5fab33527e
SSDEEP

768:r/5inm+cd5rHemPXkqUEphjVuvios1rPr4adL0NqlJMU60+ppQ1TTGfL1:rRsvcdcQjosnvnZ6LQ1E1

Score

8^/10

Malware Config

Targets

- Target
  
  ae7f51c7e77fbbe7ee8d9af66b5268ae630f0f9197cf68a47824ac313ed563fc
- Size
  
  140KB
- MD5
  
  0d50038c32dea260d5a809dd7ebaf6e6
- SHA1
  
  d6bd5abbf40fe42d2ee42372d1e4ed0437b5279a
- SHA256
  
  ae7f51c7e77fbbe7ee8d9af66b5268ae630f0f9197cf68a47824ac313ed563fc
- SHA512
  
  d6214dd251f198c86478e2c79d98d1cff7bfd14eea6bd616f408fa53a13e52c096dee780b738a81cc27aa184b9ad316e27d9b332deacfd688e075c5fab33527e
- SSDEEP
  
  768:r/5inm+cd5rHemPXkqUEphjVuvios1rPr4adL0NqlJMU60+ppQ1TTGfL1:rRsvcdcQjosnvnZ6LQ1E1
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2