6b19717057aaa3fc784918c015a50a52ac915a3ee918293161e0873eb03271da | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6b19717057aaa3fc784918c015a50a52ac915a3ee918293161e0873eb03271da
Size

207KB
Sample

230608-khq8wadc47
MD5

baa2248b6af18857645c9b03dfd67d54
SHA1

b4b1b079ce19d152c9c2932a136644de3f1001f5
SHA256

6b19717057aaa3fc784918c015a50a52ac915a3ee918293161e0873eb03271da
SHA512

471f921afc3470280229473e451a21a6dcf5487163c3854c2ef7d3ea80f7aee54b67c1d0e751e5ce6caefda37b4675b588c0f1c322a58b24bf2f8b2f3d2d840b
SSDEEP

3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij

Score

7^/10

Malware Config

Targets

- Target
  
  6b19717057aaa3fc784918c015a50a52ac915a3ee918293161e0873eb03271da
- Size
  
  207KB
- MD5
  
  baa2248b6af18857645c9b03dfd67d54
- SHA1
  
  b4b1b079ce19d152c9c2932a136644de3f1001f5
- SHA256
  
  6b19717057aaa3fc784918c015a50a52ac915a3ee918293161e0873eb03271da
- SHA512
  
  471f921afc3470280229473e451a21a6dcf5487163c3854c2ef7d3ea80f7aee54b67c1d0e751e5ce6caefda37b4675b588c0f1c322a58b24bf2f8b2f3d2d840b
- SSDEEP
  
  3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1