f3334e1b31544ed27bcc061e6c5b285bd23e91286a3f890dc971188669c294a2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16ddcf1cd46c5e02dad06e612804b813
Size

14KB
Sample

231219-nvyp9sdchl
MD5

16ddcf1cd46c5e02dad06e612804b813
SHA1

49378b546953ff0555376b83175a3e521aab4994
SHA256

f3334e1b31544ed27bcc061e6c5b285bd23e91286a3f890dc971188669c294a2
SHA512

7cce71817d57a6556bb9fa9f0b9db9086e42d1e5f2088730cb97770dd8a819777ced86fff131d66443e4712290b7b629a44d900714cd717dd1ffe8251d1d886a
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlRs+:hDXWipuE+K3/SSHgxmlRV

Score

7^/10

Malware Config

Targets

- Target
  
  16ddcf1cd46c5e02dad06e612804b813
- Size
  
  14KB
- MD5
  
  16ddcf1cd46c5e02dad06e612804b813
- SHA1
  
  49378b546953ff0555376b83175a3e521aab4994
- SHA256
  
  f3334e1b31544ed27bcc061e6c5b285bd23e91286a3f890dc971188669c294a2
- SHA512
  
  7cce71817d57a6556bb9fa9f0b9db9086e42d1e5f2088730cb97770dd8a819777ced86fff131d66443e4712290b7b629a44d900714cd717dd1ffe8251d1d886a
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlRs+:hDXWipuE+K3/SSHgxmlRV
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2