668bf49a79016852743ea9d7bc13eff7b0a05db340dc5a62e34df6cc9cf47fd4 | Triage

Sharing

General

Target

668bf49a79016852743ea9d7bc13eff7b0a05db340dc5a62e34df6cc9cf47fd4
Size

12.1MB
Sample

230207-hkqc9ada5w
MD5

16917cefbf8eeda255c6785e46068e93
SHA1

bbe94d5559b1bc3c8abcfae446a0a1653fffdd13
SHA256

668bf49a79016852743ea9d7bc13eff7b0a05db340dc5a62e34df6cc9cf47fd4
SHA512

b71b74573b813bc5455513fbd73f5df9a78e99846133696d5ac753a5b9ad33e7298e641b7349b7acbef05c9cd6f7f06e5749214b144c4d1a68404cb74cc11473
SSDEEP

196608:1ZrDxHIiCS/+UXa5DfdQ1RUEAaeQe94furN+FiFtlUzsIqKndos01oiRTT4asqTb:PHhIiCS9X/reCfu8srY301bHPZPU+

Score

8^/10

Malware Config

Targets

- Target
  
  668bf49a79016852743ea9d7bc13eff7b0a05db340dc5a62e34df6cc9cf47fd4
- Size
  
  12.1MB
- MD5
  
  16917cefbf8eeda255c6785e46068e93
- SHA1
  
  bbe94d5559b1bc3c8abcfae446a0a1653fffdd13
- SHA256
  
  668bf49a79016852743ea9d7bc13eff7b0a05db340dc5a62e34df6cc9cf47fd4
- SHA512
  
  b71b74573b813bc5455513fbd73f5df9a78e99846133696d5ac753a5b9ad33e7298e641b7349b7acbef05c9cd6f7f06e5749214b144c4d1a68404cb74cc11473
- SSDEEP
  
  196608:1ZrDxHIiCS/+UXa5DfdQ1RUEAaeQe94furN+FiFtlUzsIqKndos01oiRTT4asqTb:PHhIiCS9X/reCfu8srY301bHPZPU+
Score

8^/10
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2