4bc60cce7e98b06b2c9dde6ece2452bd2f5ae532c61db0553a1e4ebd8fa133df | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4bc60cce7e98b06b2c9dde6ece2452bd2f5ae532c61db0553a1e4ebd8fa133df
Size

224KB
Sample

221003-j9f2jseha9
MD5

61a37277701758cb5d775159beeaaca0
SHA1

ab975206dcc0f815d6aedc005e0f2c4e4328dfdf
SHA256

4bc60cce7e98b06b2c9dde6ece2452bd2f5ae532c61db0553a1e4ebd8fa133df
SHA512

5b0dab1cff99cc4420a4c9ff2adf8ab66009291ca06d32f3b3077518bd5c31d1aa8d303fe6333bc71610327004f69b47d8511741fe48b5e0357e5c73da099af3
SSDEEP

3072:GmhKmM/gmy5bhCjG8G3GbGVGBGfGuGxGWYcrf6Kadk:GmwmMGAYcD6Kad

Score

8^/10

Malware Config

Targets

- Target
  
  4bc60cce7e98b06b2c9dde6ece2452bd2f5ae532c61db0553a1e4ebd8fa133df
- Size
  
  224KB
- MD5
  
  61a37277701758cb5d775159beeaaca0
- SHA1
  
  ab975206dcc0f815d6aedc005e0f2c4e4328dfdf
- SHA256
  
  4bc60cce7e98b06b2c9dde6ece2452bd2f5ae532c61db0553a1e4ebd8fa133df
- SHA512
  
  5b0dab1cff99cc4420a4c9ff2adf8ab66009291ca06d32f3b3077518bd5c31d1aa8d303fe6333bc71610327004f69b47d8511741fe48b5e0357e5c73da099af3
- SSDEEP
  
  3072:GmhKmM/gmy5bhCjG8G3GbGVGBGfGuGxGWYcrf6Kadk:GmwmMGAYcD6Kad
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2