4cc59e2aaf2bd819cb76e5e4dd14a9d361679e798f18e5360db8b00ad759f47a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4cc59e2aaf2bd819cb76e5e4dd14a9d361679e798f18e5360db8b00ad759f47a
Size

706KB
Sample

220919-jmhxmaega5
MD5

2def3b86e7117c6e78b333be209769b9
SHA1

2842267899c476e87f40de88c5f07590bc0c94e8
SHA256

4cc59e2aaf2bd819cb76e5e4dd14a9d361679e798f18e5360db8b00ad759f47a
SHA512

d22dfd9cf08ac9141cbcccb358f87bdfb4a385520df23f2e297c37b8f742bdfbd9ab299392ea2cf8c8926d14cb5f326e5819190e43ab8d2b0d5150a8111907da
SSDEEP

12288:gp/iN/mlVdtvrYeyZJf7kPK+iqBZn+D73iKHeGspT4IeAYE5DLam:gpQ/6trYlvYPK+lqD73TeGsp9YEgm

Score

8^/10

Malware Config

Targets

- Target
  
  4cc59e2aaf2bd819cb76e5e4dd14a9d361679e798f18e5360db8b00ad759f47a
- Size
  
  706KB
- MD5
  
  2def3b86e7117c6e78b333be209769b9
- SHA1
  
  2842267899c476e87f40de88c5f07590bc0c94e8
- SHA256
  
  4cc59e2aaf2bd819cb76e5e4dd14a9d361679e798f18e5360db8b00ad759f47a
- SHA512
  
  d22dfd9cf08ac9141cbcccb358f87bdfb4a385520df23f2e297c37b8f742bdfbd9ab299392ea2cf8c8926d14cb5f326e5819190e43ab8d2b0d5150a8111907da
- SSDEEP
  
  12288:gp/iN/mlVdtvrYeyZJf7kPK+iqBZn+D73iKHeGspT4IeAYE5DLam:gpQ/6trYlvYPK+lqD73TeGsp9YEgm
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2