2ddfb5c0ec4c8c0a4a05c535638a48fd5a50eef5a816b98c588938a8a6b01bb8 | Triage

Sharing

General

Target

2ddfb5c0ec4c8c0a4a05c535638a48fd5a50eef5a816b98c588938a8a6b01bb8
Size

209KB
Sample

230608-v68g6shb85
MD5

4c6ca6755e8a3f9d9ff75f11b848ba66
SHA1

7666ce4e1f4015ce1af584d86b1c17c3aac08b89
SHA256

2ddfb5c0ec4c8c0a4a05c535638a48fd5a50eef5a816b98c588938a8a6b01bb8
SHA512

8d06c060370b23da070169c8c8b184ea807e93a3532c477063eb6ac40f4caba6a18c78d50bb512f2c4ddf5a9249d2440512fe51a516866987c3a7fb38efdcab6
SSDEEP

3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij

Score

7^/10

Malware Config

Targets

- Target
  
  2ddfb5c0ec4c8c0a4a05c535638a48fd5a50eef5a816b98c588938a8a6b01bb8
- Size
  
  209KB
- MD5
  
  4c6ca6755e8a3f9d9ff75f11b848ba66
- SHA1
  
  7666ce4e1f4015ce1af584d86b1c17c3aac08b89
- SHA256
  
  2ddfb5c0ec4c8c0a4a05c535638a48fd5a50eef5a816b98c588938a8a6b01bb8
- SHA512
  
  8d06c060370b23da070169c8c8b184ea807e93a3532c477063eb6ac40f4caba6a18c78d50bb512f2c4ddf5a9249d2440512fe51a516866987c3a7fb38efdcab6
- SSDEEP
  
  3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1