d06feb3d2f1ac98bd8e563e9fabb2077028a41bc48499ea6adf2a61afe699f85 | Triage

Sharing

General

Target

d06feb3d2f1ac98bd8e563e9fabb2077028a41bc48499ea6adf2a61afe699f85
Size

45KB
Sample

240311-a8jllsfh83
MD5

f114ed3797fab278ee6ccd439ecee276
SHA1

9a7537ed4ec3a4f4d3a19c50d49797846b10ad1f
SHA256

d06feb3d2f1ac98bd8e563e9fabb2077028a41bc48499ea6adf2a61afe699f85
SHA512

3f2727b18f07e61abb03cd88825380b07a6bbf38bdf9d7be97cc670cd2a0dcb90eb344e24f91625d7df4789e3c8444398a199fecd9d7f908843fb3b3b5a99756
SSDEEP

384:/opQWRIg8e+6U44d1XxfvAHbluRSbVL1+LIh/WP0ZysgLOaszrQ:/0hR6VXxfvAHbEPIXIssdsfQ

Score

7^/10

Malware Config

Targets

- Target
  
  d06feb3d2f1ac98bd8e563e9fabb2077028a41bc48499ea6adf2a61afe699f85
- Size
  
  45KB
- MD5
  
  f114ed3797fab278ee6ccd439ecee276
- SHA1
  
  9a7537ed4ec3a4f4d3a19c50d49797846b10ad1f
- SHA256
  
  d06feb3d2f1ac98bd8e563e9fabb2077028a41bc48499ea6adf2a61afe699f85
- SHA512
  
  3f2727b18f07e61abb03cd88825380b07a6bbf38bdf9d7be97cc670cd2a0dcb90eb344e24f91625d7df4789e3c8444398a199fecd9d7f908843fb3b3b5a99756
- SSDEEP
  
  384:/opQWRIg8e+6U44d1XxfvAHbluRSbVL1+LIh/WP0ZysgLOaszrQ:/0hR6VXxfvAHbEPIXIssdsfQ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2