0dd2e75f1c5e778b40edac6ff93af350172c0206a15a3f3eda8e61cd0295ac6f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0dd2e75f1c5e778b40edac6ff93af350172c0206a15a3f3eda8e61cd0295ac6f
Size

1.2MB
Sample

230130-n76lmsac49
MD5

043999aea5f1b65f2a62b3a91e65c18c
SHA1

66a1ebc563832fc5bffa5988947e826c7baf01fc
SHA256

0dd2e75f1c5e778b40edac6ff93af350172c0206a15a3f3eda8e61cd0295ac6f
SHA512

15577abd42dbf89a6004f76a484071fc077c3e4c0e127008a89dc74589cfcd9aaca2bd272aeed7234872969b9f9966c886ea802140c73d5d70753ce0e1143557
SSDEEP

24576:Hb7FkuoOMGBgdM1wTTQKgylepaKkhL3Us0oRiRqz2Ex:/Fkuo5562epaKkhL3Us0oRiRhEx

Score

8^/10

Malware Config

Targets

- Target
  
  0dd2e75f1c5e778b40edac6ff93af350172c0206a15a3f3eda8e61cd0295ac6f
- Size
  
  1.2MB
- MD5
  
  043999aea5f1b65f2a62b3a91e65c18c
- SHA1
  
  66a1ebc563832fc5bffa5988947e826c7baf01fc
- SHA256
  
  0dd2e75f1c5e778b40edac6ff93af350172c0206a15a3f3eda8e61cd0295ac6f
- SHA512
  
  15577abd42dbf89a6004f76a484071fc077c3e4c0e127008a89dc74589cfcd9aaca2bd272aeed7234872969b9f9966c886ea802140c73d5d70753ce0e1143557
- SSDEEP
  
  24576:Hb7FkuoOMGBgdM1wTTQKgylepaKkhL3Us0oRiRqz2Ex:/Fkuo5562epaKkhL3Us0oRiRhEx
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2