35a67e431908b776e4a460dce9e20e7fbaa5a6f3d0effa7cc113b1fbcbc4f6f8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35a67e431908b776e4a460dce9e20e7fbaa5a6f3d0effa7cc113b1fbcbc4f6f8
Size

1.5MB
Sample

230211-t9ehtsbc9z
MD5

8f4ea7b179794f1ec98aa62e4ac780df
SHA1

618847b4187bf11d9f7f68c7a27cb8c913eac892
SHA256

35a67e431908b776e4a460dce9e20e7fbaa5a6f3d0effa7cc113b1fbcbc4f6f8
SHA512

2d94605109f731a9a0fcf4ae98243b1045c77e302f6ded3ba3b36aa5f2ed5781e835df2c04107e541f0a73f9e89788c96c0c7e1df8cef343a5bdd97b3f412bee
SSDEEP

24576:VLeTtjJF5HrK73BUqPlOia8fQJS63EDMjez1Uv6nwSi7osANA3rq0Vs2oueq6Rwr:VLYg7lOia84JSNMj0TwSRsiA3rq0VUu9

Score

7^/10

Malware Config

Targets

- Target
  
  35a67e431908b776e4a460dce9e20e7fbaa5a6f3d0effa7cc113b1fbcbc4f6f8
- Size
  
  1.5MB
- MD5
  
  8f4ea7b179794f1ec98aa62e4ac780df
- SHA1
  
  618847b4187bf11d9f7f68c7a27cb8c913eac892
- SHA256
  
  35a67e431908b776e4a460dce9e20e7fbaa5a6f3d0effa7cc113b1fbcbc4f6f8
- SHA512
  
  2d94605109f731a9a0fcf4ae98243b1045c77e302f6ded3ba3b36aa5f2ed5781e835df2c04107e541f0a73f9e89788c96c0c7e1df8cef343a5bdd97b3f412bee
- SSDEEP
  
  24576:VLeTtjJF5HrK73BUqPlOia8fQJS63EDMjez1Uv6nwSi7osANA3rq0Vs2oueq6Rwr:VLYg7lOia84JSNMj0TwSRsiA3rq0VUu9
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1