6aa8c7d75444cab92698884fc8305176ae946ceb60033bb09dc1bd6f6739e3f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6aa8c7d75444cab92698884fc8305176ae946ceb60033bb09dc1bd6f6739e3f4
Size

209KB
Sample

230608-v2bmmshh8z
MD5

924174513062736199bc4eb92d4dd98c
SHA1

66a6c402f42d1f8845e609ebceef706c8194fc04
SHA256

6aa8c7d75444cab92698884fc8305176ae946ceb60033bb09dc1bd6f6739e3f4
SHA512

050beea41f145d693a053b308ca6dae483fe8208fdc8bda5bad9f98fdd5fdd5dcaa75a195ac73092f76ae90a4c4168d5930e7602f9fe241f78e01a63b8f2520f
SSDEEP

3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij

Score

7^/10

Malware Config

Targets

- Target
  
  6aa8c7d75444cab92698884fc8305176ae946ceb60033bb09dc1bd6f6739e3f4
- Size
  
  209KB
- MD5
  
  924174513062736199bc4eb92d4dd98c
- SHA1
  
  66a6c402f42d1f8845e609ebceef706c8194fc04
- SHA256
  
  6aa8c7d75444cab92698884fc8305176ae946ceb60033bb09dc1bd6f6739e3f4
- SHA512
  
  050beea41f145d693a053b308ca6dae483fe8208fdc8bda5bad9f98fdd5fdd5dcaa75a195ac73092f76ae90a4c4168d5930e7602f9fe241f78e01a63b8f2520f
- SSDEEP
  
  3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1