4cd45d9bf71422067e3769b993c8e047faa77c57202f1b9913ce8e9424078f72 | Triage

Sharing

General

Target

4cd45d9bf71422067e3769b993c8e047faa77c57202f1b9913ce8e9424078f72
Size

41KB
Sample

220919-dv86wseah8
MD5

71f5acf3d04df2bb0311ab2a46e3547a
SHA1

aa8f6a8925912b439ad514cd4c1c16966ba9405d
SHA256

4cd45d9bf71422067e3769b993c8e047faa77c57202f1b9913ce8e9424078f72
SHA512

c8ba33d3b1b38cfbf3aac1eacdec4f92fb612fdd4f1358bcc8e58553666ddea06a8323d6048407c4506d547a8a3ae208a3f1e9477b770c683bfd4b551534bb3e
SSDEEP

768:QIBar1ZIZYnfI9opm6AIHIjaI7g9mVmUnNoNE/W5dRV8:pW1ZIZqI9opm6AIHIjzmUmNzd

Score

8^/10

Malware Config

Targets

- Target
  
  4cd45d9bf71422067e3769b993c8e047faa77c57202f1b9913ce8e9424078f72
- Size
  
  41KB
- MD5
  
  71f5acf3d04df2bb0311ab2a46e3547a
- SHA1
  
  aa8f6a8925912b439ad514cd4c1c16966ba9405d
- SHA256
  
  4cd45d9bf71422067e3769b993c8e047faa77c57202f1b9913ce8e9424078f72
- SHA512
  
  c8ba33d3b1b38cfbf3aac1eacdec4f92fb612fdd4f1358bcc8e58553666ddea06a8323d6048407c4506d547a8a3ae208a3f1e9477b770c683bfd4b551534bb3e
- SSDEEP
  
  768:QIBar1ZIZYnfI9opm6AIHIjaI7g9mVmUnNoNE/W5dRV8:pW1ZIZqI9opm6AIHIjzmUmNzd
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2