9c21046a0f04c084aa7f3e7f729f7250c60bb11b7562792253179a2a0664a7f1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9c21046a0f04c084aa7f3e7f729f7250c60bb11b7562792253179a2a0664a7f1
Size

336KB
Sample

221206-3plwvaeg45
MD5

b8489724af0a752bae61fd2201e2d99d
SHA1

70d56f161ba59fd14e3083a46ff06834748aaca5
SHA256

9c21046a0f04c084aa7f3e7f729f7250c60bb11b7562792253179a2a0664a7f1
SHA512

eb0990723a949f62747d40df83b721bd8d6fd3560d6a47d1072fe508f790be25a42f2ae0ca23b1161a4e9bcc6e18f5167243d6c14384c5f5ff87d9f9931fd99a
SSDEEP

6144:ilfJYw8QKSQjyqeNjFKdMtq/HNUNmFlRe/0+T64B2QW+qmE7:+n8u2be/KdMtYomFi/0+TRBeiE7

Score

8^/10

Malware Config

Targets

- Target
  
  9c21046a0f04c084aa7f3e7f729f7250c60bb11b7562792253179a2a0664a7f1
- Size
  
  336KB
- MD5
  
  b8489724af0a752bae61fd2201e2d99d
- SHA1
  
  70d56f161ba59fd14e3083a46ff06834748aaca5
- SHA256
  
  9c21046a0f04c084aa7f3e7f729f7250c60bb11b7562792253179a2a0664a7f1
- SHA512
  
  eb0990723a949f62747d40df83b721bd8d6fd3560d6a47d1072fe508f790be25a42f2ae0ca23b1161a4e9bcc6e18f5167243d6c14384c5f5ff87d9f9931fd99a
- SSDEEP
  
  6144:ilfJYw8QKSQjyqeNjFKdMtq/HNUNmFlRe/0+T64B2QW+qmE7:+n8u2be/KdMtYomFi/0+TRBeiE7
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2