345aac6d9dc8c3fc9994f4d57ad8d9d19b084eb5dccfbe791e80abd837bfcc70 | Triage

Sharing

General

Target

345aac6d9dc8c3fc9994f4d57ad8d9d19b084eb5dccfbe791e80abd837bfcc70
Size

1.6MB
Sample

230305-fbzjfsfb4x
MD5

e57db10f538de3f3f972b2414ab65739
SHA1

a6ff181ca93bc4815b5f22bd22af840e08558cce
SHA256

345aac6d9dc8c3fc9994f4d57ad8d9d19b084eb5dccfbe791e80abd837bfcc70
SHA512

abff51bb64d929629b82a6908b55c57227b3d685c2851d4883c5bf276be348755461ca773741b85dfa5b5f1fe8b894e24eecae7a86b9c7bcc0ec48bb14046ef6
SSDEEP

24576:rconAINPy/CQ9U5/cg6rv04sgql/cT/5fbMHo5d08xTWvPnPN5sMTXqvKEyH:bRxzt0M4sB/czxMHUKETwPH26

Score

7^/10

Malware Config

Targets

- Target
  
  345aac6d9dc8c3fc9994f4d57ad8d9d19b084eb5dccfbe791e80abd837bfcc70
- Size
  
  1.6MB
- MD5
  
  e57db10f538de3f3f972b2414ab65739
- SHA1
  
  a6ff181ca93bc4815b5f22bd22af840e08558cce
- SHA256
  
  345aac6d9dc8c3fc9994f4d57ad8d9d19b084eb5dccfbe791e80abd837bfcc70
- SHA512
  
  abff51bb64d929629b82a6908b55c57227b3d685c2851d4883c5bf276be348755461ca773741b85dfa5b5f1fe8b894e24eecae7a86b9c7bcc0ec48bb14046ef6
- SSDEEP
  
  24576:rconAINPy/CQ9U5/cg6rv04sgql/cT/5fbMHo5d08xTWvPnPN5sMTXqvKEyH:bRxzt0M4sB/czxMHUKETwPH26
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1