ff56011a62ed4d57d3ca73e08ea2086d97030647db23b1c069c87f8439a625a9 | Triage

Sharing

General

Target

ff56011a62ed4d57d3ca73e08ea2086d97030647db23b1c069c87f8439a625a9
Size

205KB
Sample

230607-ny1c9shh32
MD5

87ac9020e113c91f6ddf0d41f5fc3dfb
SHA1

9a0dcdf9ce91b5295bba0b4f5f2269431c0cd028
SHA256

ff56011a62ed4d57d3ca73e08ea2086d97030647db23b1c069c87f8439a625a9
SHA512

d5e3fea67a3f31fbe361b8de873cd34c934c759b064ba8d0e26b9182357d471c4cd3c1a73b4e04690b13e5a9531de71be23ec6ca99ad51a1a5de4129c0a13d52
SSDEEP

3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj

Score

7^/10

Malware Config

Targets

- Target
  
  ff56011a62ed4d57d3ca73e08ea2086d97030647db23b1c069c87f8439a625a9
- Size
  
  205KB
- MD5
  
  87ac9020e113c91f6ddf0d41f5fc3dfb
- SHA1
  
  9a0dcdf9ce91b5295bba0b4f5f2269431c0cd028
- SHA256
  
  ff56011a62ed4d57d3ca73e08ea2086d97030647db23b1c069c87f8439a625a9
- SHA512
  
  d5e3fea67a3f31fbe361b8de873cd34c934c759b064ba8d0e26b9182357d471c4cd3c1a73b4e04690b13e5a9531de71be23ec6ca99ad51a1a5de4129c0a13d52
- SSDEEP
  
  3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1