f00ed1a29f0754435adfdb7f3811d72038c092e2a24f1e49c813e8ce1c451844 | Triage

Sharing

General

Target

f00ed1a29f0754435adfdb7f3811d72038c092e2a24f1e49c813e8ce1c451844
Size

200KB
Sample

221206-v3mrasbh7t
MD5

32d89fdb7eb609273921053c8611bc20
SHA1

828df61b16bc0272f0f45207bc4c54bfac5b87c5
SHA256

f00ed1a29f0754435adfdb7f3811d72038c092e2a24f1e49c813e8ce1c451844
SHA512

4beab19d1e11c74ebe44e83f7266b7ff7870da69d7af0ab47d5f2e0cd62de9a800bb44453b4d2630e265144b19df23c297e22c7062e967f2d952aa7b6c17d518
SSDEEP

3072:yIj59k+gt9h3y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmSNS4e:FHoB3yGFInRO

Score

8^/10

Malware Config

Targets

- Target
  
  f00ed1a29f0754435adfdb7f3811d72038c092e2a24f1e49c813e8ce1c451844
- Size
  
  200KB
- MD5
  
  32d89fdb7eb609273921053c8611bc20
- SHA1
  
  828df61b16bc0272f0f45207bc4c54bfac5b87c5
- SHA256
  
  f00ed1a29f0754435adfdb7f3811d72038c092e2a24f1e49c813e8ce1c451844
- SHA512
  
  4beab19d1e11c74ebe44e83f7266b7ff7870da69d7af0ab47d5f2e0cd62de9a800bb44453b4d2630e265144b19df23c297e22c7062e967f2d952aa7b6c17d518
- SSDEEP
  
  3072:yIj59k+gt9h3y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmSNS4e:FHoB3yGFInRO
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2