b8929963c073acc1e20a696ada8d2990c3baeed41e22078eed6232a37b853af9 | Triage

Sharing

General

Target

b8929963c073acc1e20a696ada8d2990c3baeed41e22078eed6232a37b853af9
Size

11.9MB
Sample

230214-w2whgsfc23
MD5

fb4debd112aceb8682f807251ad5a916
SHA1

68ac6f256cdb5fb4dd49504915fb5e23ec68d4d6
SHA256

b8929963c073acc1e20a696ada8d2990c3baeed41e22078eed6232a37b853af9
SHA512

17f362c89624b278296f8e1f73e100e165b81d13ee7dca277229b6a9596f2513fb9639349620a2b55badbb8c5c55521f01c51ffe918fb063b3a061cdd8d36bdb
SSDEEP

196608:xEP+6cL/922hPs7wcjJoRkT1Rz+ie8YqS0PTMhcst6qlz/djYdCK02WtuniyskwQ:2P+6a08U7wclleCLTMhcy6qlz1R92Uu1

Score

7^/10

Malware Config

Targets

- Target
  
  b8929963c073acc1e20a696ada8d2990c3baeed41e22078eed6232a37b853af9
- Size
  
  11.9MB
- MD5
  
  fb4debd112aceb8682f807251ad5a916
- SHA1
  
  68ac6f256cdb5fb4dd49504915fb5e23ec68d4d6
- SHA256
  
  b8929963c073acc1e20a696ada8d2990c3baeed41e22078eed6232a37b853af9
- SHA512
  
  17f362c89624b278296f8e1f73e100e165b81d13ee7dca277229b6a9596f2513fb9639349620a2b55badbb8c5c55521f01c51ffe918fb063b3a061cdd8d36bdb
- SSDEEP
  
  196608:xEP+6cL/922hPs7wcjJoRkT1Rz+ie8YqS0PTMhcst6qlz/djYdCK02WtuniyskwQ:2P+6a08U7wclleCLTMhcy6qlz1R92Uu1
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2