6c036db81002b19e39ca85b596c23061fb00a3a5527e2668c3280d9a3798b3ff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6c036db81002b19e39ca85b596c23061fb00a3a5527e2668c3280d9a3798b3ff
Size

421KB
Sample

230416-xn824adc9t
MD5

f5398f44c68aa7c6966b08904590e4fd
SHA1

fe8308722a17034a7e7ac11b1ff77b772866fdd3
SHA256

6c036db81002b19e39ca85b596c23061fb00a3a5527e2668c3280d9a3798b3ff
SHA512

0b78284162965a0bacbe6d9fb22a62f5b71f7dc28af5bfe67ca83b39399c60ec0245531878adb3e35d76ecf288c149d081f57ddda38e7c1adbd947204863dae9
SSDEEP

12288:DjODTivE9GzlufyRWPvxR/cAM/nvgjMs94YNycqA:DjOysIhufN3MAM/nvgXNyTA

Score

7^/10

Malware Config

Targets

- Target
  
  6c036db81002b19e39ca85b596c23061fb00a3a5527e2668c3280d9a3798b3ff
- Size
  
  421KB
- MD5
  
  f5398f44c68aa7c6966b08904590e4fd
- SHA1
  
  fe8308722a17034a7e7ac11b1ff77b772866fdd3
- SHA256
  
  6c036db81002b19e39ca85b596c23061fb00a3a5527e2668c3280d9a3798b3ff
- SHA512
  
  0b78284162965a0bacbe6d9fb22a62f5b71f7dc28af5bfe67ca83b39399c60ec0245531878adb3e35d76ecf288c149d081f57ddda38e7c1adbd947204863dae9
- SSDEEP
  
  12288:DjODTivE9GzlufyRWPvxR/cAM/nvgjMs94YNycqA:DjOysIhufN3MAM/nvgXNyTA
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2