29dfbb65abb856dd7082a892feb484f3f640e2159c1a21ab2393784244d3aa5e | Triage

Sharing

General

Target

29dfbb65abb856dd7082a892feb484f3f640e2159c1a21ab2393784244d3aa5e
Size

1.5MB
Sample

230418-xw4scafc7t
MD5

f7dcb6add830463343b0c3b0f2d5f926
SHA1

822f430756a0d5b316d55249d61e6387860778e0
SHA256

29dfbb65abb856dd7082a892feb484f3f640e2159c1a21ab2393784244d3aa5e
SHA512

24a41e2eee9340523d88eba0d0c6a0257b9fff24c580ee1efb122ecd100443c61624f01d290ae04c4aeb83971c07f2b9ff251379474d0c3b9cebad0ee4415db5
SSDEEP

24576:Yutr5OUbtJmgZ/UjemilQ0OxbMu+FRhJVoAHtczZKE0XjH9TEtGJItv5M/Co:YuXvJmSK0OxbTYRZoANczw/T9tItv5G9

Score

7^/10

Malware Config

Targets

- Target
  
  29dfbb65abb856dd7082a892feb484f3f640e2159c1a21ab2393784244d3aa5e
- Size
  
  1.5MB
- MD5
  
  f7dcb6add830463343b0c3b0f2d5f926
- SHA1
  
  822f430756a0d5b316d55249d61e6387860778e0
- SHA256
  
  29dfbb65abb856dd7082a892feb484f3f640e2159c1a21ab2393784244d3aa5e
- SHA512
  
  24a41e2eee9340523d88eba0d0c6a0257b9fff24c580ee1efb122ecd100443c61624f01d290ae04c4aeb83971c07f2b9ff251379474d0c3b9cebad0ee4415db5
- SSDEEP
  
  24576:Yutr5OUbtJmgZ/UjemilQ0OxbMu+FRhJVoAHtczZKE0XjH9TEtGJItv5M/Co:YuXvJmSK0OxbTYRZoANczw/T9tItv5G9
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2