85f251bb5e7379eb3ae293b4a5e87b63cc2ba494fc080ab696c3eb70d4dc8b64 | Triage

Sharing

General

Target

85f251bb5e7379eb3ae293b4a5e87b63cc2ba494fc080ab696c3eb70d4dc8b64
Size

207KB
Sample

230608-csyfyabd4v
MD5

b54fc25308e61ee56e0d551ec2c6e8be
SHA1

f092381dc8d4f174f3eb59cf450cefbf19853dd1
SHA256

85f251bb5e7379eb3ae293b4a5e87b63cc2ba494fc080ab696c3eb70d4dc8b64
SHA512

f9944b95b11e06b3f862dfc9036d237911136e89747775c6e1c6067d26f2ad867e0c370afb24ce0204e1e300c847bf1820059765e4d6367f6d0ae0d2e0de9015
SSDEEP

3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij

Score

7^/10

Malware Config

Targets

- Target
  
  85f251bb5e7379eb3ae293b4a5e87b63cc2ba494fc080ab696c3eb70d4dc8b64
- Size
  
  207KB
- MD5
  
  b54fc25308e61ee56e0d551ec2c6e8be
- SHA1
  
  f092381dc8d4f174f3eb59cf450cefbf19853dd1
- SHA256
  
  85f251bb5e7379eb3ae293b4a5e87b63cc2ba494fc080ab696c3eb70d4dc8b64
- SHA512
  
  f9944b95b11e06b3f862dfc9036d237911136e89747775c6e1c6067d26f2ad867e0c370afb24ce0204e1e300c847bf1820059765e4d6367f6d0ae0d2e0de9015
- SSDEEP
  
  3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1