5daced0aa010e940b6a6cde30df530299e9b2861039ec959af027f8430bc6238 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5daced0aa010e940b6a6cde30df530299e9b2861039ec959af027f8430bc6238
Size

205KB
Sample

230607-sxrf7ach21
MD5

f1cb8bd5b4c6152a9398360bf42bc93f
SHA1

65cb462460fc19a1ed7e0504f484d1c270f59703
SHA256

5daced0aa010e940b6a6cde30df530299e9b2861039ec959af027f8430bc6238
SHA512

bf2e6b9ff2c9bf67981328d17eb25d76b191c871c9b80ca0cfcd94c432c5fdc3485c706c120b15e4c5db44adf15a57c3e0bf3d061357fe43a6da05e214d5a350
SSDEEP

3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij

Score

7^/10

Malware Config

Targets

- Target
  
  5daced0aa010e940b6a6cde30df530299e9b2861039ec959af027f8430bc6238
- Size
  
  205KB
- MD5
  
  f1cb8bd5b4c6152a9398360bf42bc93f
- SHA1
  
  65cb462460fc19a1ed7e0504f484d1c270f59703
- SHA256
  
  5daced0aa010e940b6a6cde30df530299e9b2861039ec959af027f8430bc6238
- SHA512
  
  bf2e6b9ff2c9bf67981328d17eb25d76b191c871c9b80ca0cfcd94c432c5fdc3485c706c120b15e4c5db44adf15a57c3e0bf3d061357fe43a6da05e214d5a350
- SSDEEP
  
  3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1