bb6ad7f1f3c03d2c9fcbac18a286b2fc7c0120c00b8c71aad6662577467e3cf4 | Triage

Sharing

General

Target

bb6ad7f1f3c03d2c9fcbac18a286b2fc7c0120c00b8c71aad6662577467e3cf4
Size

350KB
Sample

221206-2r5w3abf39
MD5

e6786ce38b952ae797e4045489c27d77
SHA1

e4503a1468c5ded7d54e079610b2f73a3123dbdb
SHA256

bb6ad7f1f3c03d2c9fcbac18a286b2fc7c0120c00b8c71aad6662577467e3cf4
SHA512

c18d50e16b7d44fc40a04c737c3473aacf318d64ad6ccadc63f91f5855595c4814de4e08d7f0b63a0f6d7d80635b2ec746cd919dd031e038443cac46c421ca4e
SSDEEP

6144:c/0uoJvfHhR/AAxVCvoSrCo44i8hrrZCWRqah1A9mmCQKeYDijk:cJWnBRlxVErCoKKXAZahe9m4EL

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  bb6ad7f1f3c03d2c9fcbac18a286b2fc7c0120c00b8c71aad6662577467e3cf4
- Size
  
  350KB
- MD5
  
  e6786ce38b952ae797e4045489c27d77
- SHA1
  
  e4503a1468c5ded7d54e079610b2f73a3123dbdb
- SHA256
  
  bb6ad7f1f3c03d2c9fcbac18a286b2fc7c0120c00b8c71aad6662577467e3cf4
- SHA512
  
  c18d50e16b7d44fc40a04c737c3473aacf318d64ad6ccadc63f91f5855595c4814de4e08d7f0b63a0f6d7d80635b2ec746cd919dd031e038443cac46c421ca4e
- SSDEEP
  
  6144:c/0uoJvfHhR/AAxVCvoSrCo44i8hrrZCWRqah1A9mmCQKeYDijk:cJWnBRlxVErCoKKXAZahe9m4EL
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2