ddeac6c9bfb9db36e546363654566e4f1031694336d0b70c843483f606ba6436 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ddeac6c9bfb9db36e546363654566e4f1031694336d0b70c843483f606ba6436
Size

2.1MB
Sample

231011-fztywabd4t
MD5

16a7182dd80d88187f2b60cb44010b49
SHA1

8dae8af3b6939d326c5f6cd0c50a1f4c38bcd692
SHA256

ddeac6c9bfb9db36e546363654566e4f1031694336d0b70c843483f606ba6436
SHA512

dc2dc79f301233386f213d19fe2b7184a2e5483a5f246b4b1fbf8f11f89b46572d96e54791c4f8083efdfd214494ff482bb82835f0d7aeca834ccb9868fbe5d8
SSDEEP

49152:ISpopNLpsSEoM6ltK7SH/wTweOybSlOYhZNJKsbOQ:ISpkLpsl+lvDeOyH6D8sbl

Score

7^/10

Malware Config

Targets

- Target
  
  ddeac6c9bfb9db36e546363654566e4f1031694336d0b70c843483f606ba6436
- Size
  
  2.1MB
- MD5
  
  16a7182dd80d88187f2b60cb44010b49
- SHA1
  
  8dae8af3b6939d326c5f6cd0c50a1f4c38bcd692
- SHA256
  
  ddeac6c9bfb9db36e546363654566e4f1031694336d0b70c843483f606ba6436
- SHA512
  
  dc2dc79f301233386f213d19fe2b7184a2e5483a5f246b4b1fbf8f11f89b46572d96e54791c4f8083efdfd214494ff482bb82835f0d7aeca834ccb9868fbe5d8
- SSDEEP
  
  49152:ISpopNLpsSEoM6ltK7SH/wTweOybSlOYhZNJKsbOQ:ISpkLpsl+lvDeOyH6D8sbl
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2