d9ff856dd1b9fae00c86387d491ae9252c02c035247ba1bc7417861c05e0520a | Triage

Resubmissions

05/06/2023, 23:16

230605-288dhsbf8t 7

01/05/2023, 20:26

230501-y72b2agf26 7

01/05/2023, 20:19

230501-y3vzfsad3v 7

25/04/2023, 18:10

230425-wsajnaea5s 7

Sharing

General

Target

6b23fd063f99a54396d813b2e9940fe7.zip
Size

1.6MB
Sample

230605-288dhsbf8t
MD5

cb9082763439e7d44fba98ab8fc5bd79
SHA1

ac6ddb79b5aa5a700a5a51477809ee60640a0857
SHA256

d9ff856dd1b9fae00c86387d491ae9252c02c035247ba1bc7417861c05e0520a
SHA512

2a4636c8164610a82b5705c3d58691001fe791013ec762daef8f695b3132bf617f41caaf5bb026e5392446fd1166d1bf05543a88fdf2303fbac6fd36fd71240b
SSDEEP

12288:5PVxG4EgQxGFrT1eK1J8A80F5udFBa7y+uTCBAj:JLbE6F3J8kEdFsluuBAj

Score

7^/10

Malware Config

Targets

- Target
  
  6b23fd063f99a54396d813b2e9940fe7
- Size
  
  1024.0MB
- MD5
  
  c27ab9b6ad373b8c3cb6df1c7387b9bb
- SHA1
  
  896b52181ab223daa23a09a78d452d7cd6b47c87
- SHA256
  
  896d2c2ba907296e511a527db1044254f5641417d21b0917612ac3ad829cf4f5
- SHA512
  
  e9e893cffa346794d61cd1e4abc7d69e6673b89e981364260345260900158e6f6faf25bc1293b31acbd403c224cf1182dcef99017d2752865d198a9ead437536
- SSDEEP
  
  12288:1d4xk4EGaJCtrN10KtF888wT3uBZfQ7y+6TCzSB:n61E0tZ/8ceBZ4l6uzSB
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2