d4ae3df5b1a687b100043d03616789d7ed6f16079ca932a6c28d6d4734daf321 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4ae3df5b1a687b100043d03616789d7ed6f16079ca932a6c28d6d4734daf321
Size

78KB
Sample

221206-w8nq8acg82
MD5

edddc8acede04bdd0ddbe196e8a4095e
SHA1

6ca940495ca4dfa00692770f9e914fd23a3a3c0a
SHA256

d4ae3df5b1a687b100043d03616789d7ed6f16079ca932a6c28d6d4734daf321
SHA512

bbe814acfa88efdbca493bad70dd017da7be152f7c90865fb2d89fabd8e8c78f5384679fdce10e9dd5621eaba7c40adb536ecd7d781128fc663c67478b71101e
SSDEEP

1536:eYIbyaJXwp9/sxP0azv9PB+Tl8EY35vtveLubC4bX97:rIb/XK6fzVPMTCHXbX97

Score

8^/10

Malware Config

Targets

- Target
  
  d4ae3df5b1a687b100043d03616789d7ed6f16079ca932a6c28d6d4734daf321
- Size
  
  78KB
- MD5
  
  edddc8acede04bdd0ddbe196e8a4095e
- SHA1
  
  6ca940495ca4dfa00692770f9e914fd23a3a3c0a
- SHA256
  
  d4ae3df5b1a687b100043d03616789d7ed6f16079ca932a6c28d6d4734daf321
- SHA512
  
  bbe814acfa88efdbca493bad70dd017da7be152f7c90865fb2d89fabd8e8c78f5384679fdce10e9dd5621eaba7c40adb536ecd7d781128fc663c67478b71101e
- SSDEEP
  
  1536:eYIbyaJXwp9/sxP0azv9PB+Tl8EY35vtveLubC4bX97:rIb/XK6fzVPMTCHXbX97
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2