166b81d666fbbac69a3de86b4c61f2256fbf554b6c7c5cda6c6e154b5e9e73e7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

166b81d666fbbac69a3de86b4c61f2256fbf554b6c7c5cda6c6e154b5e9e73e7
Size

205KB
Sample

230607-rzaqsacc6z
MD5

d9bbe9415eb310edffb9cbaa88fa899a
SHA1

b973f0c272a27b8891676303063c1c7c8f5568ab
SHA256

166b81d666fbbac69a3de86b4c61f2256fbf554b6c7c5cda6c6e154b5e9e73e7
SHA512

9ffc5d52d2318b179e5ecada9c3509773b26994c7aa411a28ee02f0d1140271572dc69a33e563f99948bd81e0c1992850be284689e9a8d60c107c00930fd5ada
SSDEEP

3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij

Score

7^/10

Malware Config

Targets

- Target
  
  166b81d666fbbac69a3de86b4c61f2256fbf554b6c7c5cda6c6e154b5e9e73e7
- Size
  
  205KB
- MD5
  
  d9bbe9415eb310edffb9cbaa88fa899a
- SHA1
  
  b973f0c272a27b8891676303063c1c7c8f5568ab
- SHA256
  
  166b81d666fbbac69a3de86b4c61f2256fbf554b6c7c5cda6c6e154b5e9e73e7
- SHA512
  
  9ffc5d52d2318b179e5ecada9c3509773b26994c7aa411a28ee02f0d1140271572dc69a33e563f99948bd81e0c1992850be284689e9a8d60c107c00930fd5ada
- SSDEEP
  
  3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1