ba45e780bdd85f80d9ce89acdca2317c94361ed79190440c14b7251e6fac76bd | Triage

Sharing

General

Target

ba45e780bdd85f80d9ce89acdca2317c94361ed79190440c14b7251e6fac76bd
Size

102KB
Sample

221206-xr16naed69
MD5

80835661bca16bd648d7080d8e89b0cd
SHA1

a0aff1fb93daaac4456cd2988c00f3edafa9acb7
SHA256

ba45e780bdd85f80d9ce89acdca2317c94361ed79190440c14b7251e6fac76bd
SHA512

a1a7bab02d1f1c034619ab35aee0ff1442013526bf1dc674568829e0d52b88c80c2dd496a4b22aabc463d74db80d767fc70ebc08710e99bbf64319b8c42d8cfa
SSDEEP

1536:5rJq4nGN1BXCmpL1BXCmpAabQdUE4++nM:5rJq4nGq+E4BM

Score

8^/10

Malware Config

Targets

- Target
  
  ba45e780bdd85f80d9ce89acdca2317c94361ed79190440c14b7251e6fac76bd
- Size
  
  102KB
- MD5
  
  80835661bca16bd648d7080d8e89b0cd
- SHA1
  
  a0aff1fb93daaac4456cd2988c00f3edafa9acb7
- SHA256
  
  ba45e780bdd85f80d9ce89acdca2317c94361ed79190440c14b7251e6fac76bd
- SHA512
  
  a1a7bab02d1f1c034619ab35aee0ff1442013526bf1dc674568829e0d52b88c80c2dd496a4b22aabc463d74db80d767fc70ebc08710e99bbf64319b8c42d8cfa
- SSDEEP
  
  1536:5rJq4nGN1BXCmpL1BXCmpAabQdUE4++nM:5rJq4nGq+E4BM
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2