346b1c831cc10323e2760a15ea05534cb39ed6b3a9284b91a49b75d1cd7d1fcc | Triage

Sharing

General

Target

346b1c831cc10323e2760a15ea05534cb39ed6b3a9284b91a49b75d1cd7d1fcc
Size

208KB
Sample

230608-q2wklafg54
MD5

fb6554b5f0ae5d1bcc8c6403d28a2234
SHA1

4d35457dfa4a03fbffbe997ecec4dc4a59827ed4
SHA256

346b1c831cc10323e2760a15ea05534cb39ed6b3a9284b91a49b75d1cd7d1fcc
SHA512

6d5a2c21aa41e2b4e013c30e157fbf374080790f20989cedda5b420e695f83dff01adf4e82e6b5a35a0ee13ed887d9f643c650c998b506653219e56161e1c2a4
SSDEEP

3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij

Score

7^/10

Malware Config

Targets

- Target
  
  346b1c831cc10323e2760a15ea05534cb39ed6b3a9284b91a49b75d1cd7d1fcc
- Size
  
  208KB
- MD5
  
  fb6554b5f0ae5d1bcc8c6403d28a2234
- SHA1
  
  4d35457dfa4a03fbffbe997ecec4dc4a59827ed4
- SHA256
  
  346b1c831cc10323e2760a15ea05534cb39ed6b3a9284b91a49b75d1cd7d1fcc
- SHA512
  
  6d5a2c21aa41e2b4e013c30e157fbf374080790f20989cedda5b420e695f83dff01adf4e82e6b5a35a0ee13ed887d9f643c650c998b506653219e56161e1c2a4
- SSDEEP
  
  3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1