a54f58f88127c3934a0ff1c28c73ce0afbc928add976381d1d0211928766fc69 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a54f58f88127c3934a0ff1c28c73ce0afbc928add976381d1d0211928766fc69
Size

743KB
Sample

221206-qg5b1abd82
MD5

3d1579637e6ab3155a3f86862e0dd2f1
SHA1

6c17629ebb7c8e6aa1bc0565351963c1b7b393da
SHA256

a54f58f88127c3934a0ff1c28c73ce0afbc928add976381d1d0211928766fc69
SHA512

13e3d7ded061f784d3445e76749cd56d472f1017bd685779af8d5192232c1368a3aa11caf915d9b34419b4c43fa2800d6bb0dd12e0cefede982e001797450f3b
SSDEEP

12288:skQ4PIcBqHybSce3dhPq5nd+qsT1Z7LrAJGX0k612tMLiVjWM8:s5QIzHyuhiDyrwG761BJ/

Score

8^/10

Malware Config

Targets

- Target
  
  a54f58f88127c3934a0ff1c28c73ce0afbc928add976381d1d0211928766fc69
- Size
  
  743KB
- MD5
  
  3d1579637e6ab3155a3f86862e0dd2f1
- SHA1
  
  6c17629ebb7c8e6aa1bc0565351963c1b7b393da
- SHA256
  
  a54f58f88127c3934a0ff1c28c73ce0afbc928add976381d1d0211928766fc69
- SHA512
  
  13e3d7ded061f784d3445e76749cd56d472f1017bd685779af8d5192232c1368a3aa11caf915d9b34419b4c43fa2800d6bb0dd12e0cefede982e001797450f3b
- SSDEEP
  
  12288:skQ4PIcBqHybSce3dhPq5nd+qsT1Z7LrAJGX0k612tMLiVjWM8:s5QIzHyuhiDyrwG761BJ/
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2