906cfeb0b32368fd8f65b1ce599198850ee035aa1ac5ec9bb47181d453087c31 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

906cfeb0b32368fd8f65b1ce599198850ee035aa1ac5ec9bb47181d453087c31
Size

206KB
Sample

230607-21r2kaha29
MD5

a7fcf311edf1e2bc5e101b48e3749a21
SHA1

87c3f5efe1ae9b4344fbdbee06b403a43466f642
SHA256

906cfeb0b32368fd8f65b1ce599198850ee035aa1ac5ec9bb47181d453087c31
SHA512

0b3ff958927759518357ef5e9b78f646a71aa995f9f31fbe40f32b63c31e740863cd275dd57ec27fc3e089ecbce62e0ebe3c48a4d255fc6b66498963553c9827
SSDEEP

3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij

Score

7^/10

Malware Config

Targets

- Target
  
  906cfeb0b32368fd8f65b1ce599198850ee035aa1ac5ec9bb47181d453087c31
- Size
  
  206KB
- MD5
  
  a7fcf311edf1e2bc5e101b48e3749a21
- SHA1
  
  87c3f5efe1ae9b4344fbdbee06b403a43466f642
- SHA256
  
  906cfeb0b32368fd8f65b1ce599198850ee035aa1ac5ec9bb47181d453087c31
- SHA512
  
  0b3ff958927759518357ef5e9b78f646a71aa995f9f31fbe40f32b63c31e740863cd275dd57ec27fc3e089ecbce62e0ebe3c48a4d255fc6b66498963553c9827
- SSDEEP
  
  3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1