61fcbbb8c74c5c4e14db8cf5345acb1cdcdaee54f68b7f36804f83999b893a5a | Triage

Sharing

General

Target

61fcbbb8c74c5c4e14db8cf5345acb1cdcdaee54f68b7f36804f83999b893a5a
Size

1.6MB
Sample

230320-rc9atsdh22
MD5

d122fbe1c317a444d281499977d7a6c5
SHA1

17f116afb5b4228bdde7e13259160b7ca3fce3d2
SHA256

61fcbbb8c74c5c4e14db8cf5345acb1cdcdaee54f68b7f36804f83999b893a5a
SHA512

ecbe6936c9a9bf2a0138cb3c9510d2d00092fd308e0c8bdb3ec95ac1ea91fa8882d453f1652572d2bd3e518719c4413838218a7aedc006d37d64b144119253c0
SSDEEP

49152:dNsWhFZBfJXAE4ILZVKFFBsS3wrPHISIROJ:TsWhFZBfKEtwxXzm

Score

7^/10

Malware Config

Targets

- Target
  
  61fcbbb8c74c5c4e14db8cf5345acb1cdcdaee54f68b7f36804f83999b893a5a
- Size
  
  1.6MB
- MD5
  
  d122fbe1c317a444d281499977d7a6c5
- SHA1
  
  17f116afb5b4228bdde7e13259160b7ca3fce3d2
- SHA256
  
  61fcbbb8c74c5c4e14db8cf5345acb1cdcdaee54f68b7f36804f83999b893a5a
- SHA512
  
  ecbe6936c9a9bf2a0138cb3c9510d2d00092fd308e0c8bdb3ec95ac1ea91fa8882d453f1652572d2bd3e518719c4413838218a7aedc006d37d64b144119253c0
- SSDEEP
  
  49152:dNsWhFZBfJXAE4ILZVKFFBsS3wrPHISIROJ:TsWhFZBfKEtwxXzm
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1