33e635af53ec7b1c80e8abd80f397c3af12ea20a0f0d3647a2398faae3b64b9d | Triage

Sharing

General

Target

33e635af53ec7b1c80e8abd80f397c3af12ea20a0f0d3647a2398faae3b64b9d
Size

207KB
Sample

230608-desh7sbc29
MD5

99963ff0c2f3c3d61198109f29701f37
SHA1

0511c1afb4ebef5d03bf733fd540e4c79f2e9df7
SHA256

33e635af53ec7b1c80e8abd80f397c3af12ea20a0f0d3647a2398faae3b64b9d
SHA512

33173997a0a99038ff54dd29e002f46312e2b3787a3d5f5cddcb6d47e5c169dc36352d60bde9a3b414e3dfe96b905c3290242ae66222f7c0d9ce4290eb9f9ab1
SSDEEP

3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij

Score

7^/10

Malware Config

Targets

- Target
  
  33e635af53ec7b1c80e8abd80f397c3af12ea20a0f0d3647a2398faae3b64b9d
- Size
  
  207KB
- MD5
  
  99963ff0c2f3c3d61198109f29701f37
- SHA1
  
  0511c1afb4ebef5d03bf733fd540e4c79f2e9df7
- SHA256
  
  33e635af53ec7b1c80e8abd80f397c3af12ea20a0f0d3647a2398faae3b64b9d
- SHA512
  
  33173997a0a99038ff54dd29e002f46312e2b3787a3d5f5cddcb6d47e5c169dc36352d60bde9a3b414e3dfe96b905c3290242ae66222f7c0d9ce4290eb9f9ab1
- SSDEEP
  
  3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1