3a09e2b50c089eb7e0267749a325d8b5296033f8f31ce1a3f640e6da54a29992 | Triage

Sharing

General

Target

29dd0db15779ffb863345c54fd1709a7
Size

361KB
Sample

231225-s21wesbac2
MD5

29dd0db15779ffb863345c54fd1709a7
SHA1

1128ffb1bf60cfdffd2f9a6e05d99fd6ee4c425c
SHA256

3a09e2b50c089eb7e0267749a325d8b5296033f8f31ce1a3f640e6da54a29992
SHA512

33cc592b89ad6f8c45bf9ba91d67f16d5b1111a01dea68287c9c11aad3825d438e85a73ee7a6f58e83523127de4a20c74607c2af35c96c2d86f1beb859ea56af
SSDEEP

6144:cbeDLwwWFCARMB/6PbAkqxSCHg+bEDHH1j/A5Wd81Fap8UvqALK5bFOt+F4gLX63:j4wWFCA6BBkqxSC3byjQWL8MqAKcIjiP

Score

7^/10

Malware Config

Targets

- Target
  
  29dd0db15779ffb863345c54fd1709a7
- Size
  
  361KB
- MD5
  
  29dd0db15779ffb863345c54fd1709a7
- SHA1
  
  1128ffb1bf60cfdffd2f9a6e05d99fd6ee4c425c
- SHA256
  
  3a09e2b50c089eb7e0267749a325d8b5296033f8f31ce1a3f640e6da54a29992
- SHA512
  
  33cc592b89ad6f8c45bf9ba91d67f16d5b1111a01dea68287c9c11aad3825d438e85a73ee7a6f58e83523127de4a20c74607c2af35c96c2d86f1beb859ea56af
- SSDEEP
  
  6144:cbeDLwwWFCARMB/6PbAkqxSCHg+bEDHH1j/A5Wd81Fap8UvqALK5bFOt+F4gLX63:j4wWFCA6BBkqxSC3byjQWL8MqAKcIjiP
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2