198641c6e206828834b441764ad24e61d595d95aff366dbacc74919d936390bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

198641c6e206828834b441764ad24e61d595d95aff366dbacc74919d936390bf
Size

2.7MB
Sample

231012-xswybshh2t
MD5

dc498ddf3ba67a02d9f839885ec55d0b
SHA1

4c6e1bdd63b9e9f3cc53627ddc30f8e5aaafd1d4
SHA256

198641c6e206828834b441764ad24e61d595d95aff366dbacc74919d936390bf
SHA512

c70bb21c7e405582191b67e213489668467c0bf0279e2391ba0bfab23b6eab5cfd4aabfa97e306b254fcc0ae799dc1f25052cbf25e1a8883c90d38603386f485
SSDEEP

49152:acbz6GzJT8USgT/eFOn7EuTEBQ1wP9p0xxOSJfd4RwrkimJtZElBBuIT:acb7zh8uWwri0Pxx/JFdrki4taA4

Score

7^/10

Malware Config

Targets

- Target
  
  198641c6e206828834b441764ad24e61d595d95aff366dbacc74919d936390bf
- Size
  
  2.7MB
- MD5
  
  dc498ddf3ba67a02d9f839885ec55d0b
- SHA1
  
  4c6e1bdd63b9e9f3cc53627ddc30f8e5aaafd1d4
- SHA256
  
  198641c6e206828834b441764ad24e61d595d95aff366dbacc74919d936390bf
- SHA512
  
  c70bb21c7e405582191b67e213489668467c0bf0279e2391ba0bfab23b6eab5cfd4aabfa97e306b254fcc0ae799dc1f25052cbf25e1a8883c90d38603386f485
- SSDEEP
  
  49152:acbz6GzJT8USgT/eFOn7EuTEBQ1wP9p0xxOSJfd4RwrkimJtZElBBuIT:acb7zh8uWwri0Pxx/JFdrki4taA4
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2