99e70dec4cb48099dd531da5683195e27d08981c9c4627c2864c238f27c43d56 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

99e70dec4cb48099dd531da5683195e27d08981c9c4627c2864c238f27c43d56
Size

180KB
Sample

221206-aj3m7adf9t
MD5

df47cb0b73b2927b4ff47b2f0985884d
SHA1

b15ad7938738f406b6446f26b6bc61043a1fa80d
SHA256

99e70dec4cb48099dd531da5683195e27d08981c9c4627c2864c238f27c43d56
SHA512

13a2be76435cd960c6f193beb134e187b6042977a1a1f8dfcc56ff703f54dd7f751301177bc089dc3eb29e30afa3c6e70e4a1cc39a7e85475d551aaf8c870470
SSDEEP

3072:ABAp5XhKpN4eOyVTGfhEClj8jTk+0h1wk09+g8FE6I:3bXE9OiTGfhEClq97k09+DlI

Score

8^/10

Malware Config

Targets

- Target
  
  99e70dec4cb48099dd531da5683195e27d08981c9c4627c2864c238f27c43d56
- Size
  
  180KB
- MD5
  
  df47cb0b73b2927b4ff47b2f0985884d
- SHA1
  
  b15ad7938738f406b6446f26b6bc61043a1fa80d
- SHA256
  
  99e70dec4cb48099dd531da5683195e27d08981c9c4627c2864c238f27c43d56
- SHA512
  
  13a2be76435cd960c6f193beb134e187b6042977a1a1f8dfcc56ff703f54dd7f751301177bc089dc3eb29e30afa3c6e70e4a1cc39a7e85475d551aaf8c870470
- SSDEEP
  
  3072:ABAp5XhKpN4eOyVTGfhEClj8jTk+0h1wk09+g8FE6I:3bXE9OiTGfhEClq97k09+DlI
Score

8^/10
- Blocklisted process makes network request
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2