f49651cc591a70ada81923879dc55003db47983af92d038eeffaae7245f031bc | Triage

Sharing

General

Target

f49651cc591a70ada81923879dc55003db47983af92d038eeffaae7245f031bc
Size

668KB
Sample

221011-f5fcnsgeej
MD5

439959a920e04f2db59b7fe2dd3ef430
SHA1

561e0630ea09a5f45f46d8abc4f422ad2dcd6fa7
SHA256

f49651cc591a70ada81923879dc55003db47983af92d038eeffaae7245f031bc
SHA512

45cf7794c24864c749592f9060b1c4539eb8051747e2042dc2532ad9fc23c71a88a382cae90599a01e73dbeb8630b02508f1355bb5b8fb474b30cf4dd8d7f13d
SSDEEP

12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y

Score

8^/10

Malware Config

Targets

- Target
  
  f49651cc591a70ada81923879dc55003db47983af92d038eeffaae7245f031bc
- Size
  
  668KB
- MD5
  
  439959a920e04f2db59b7fe2dd3ef430
- SHA1
  
  561e0630ea09a5f45f46d8abc4f422ad2dcd6fa7
- SHA256
  
  f49651cc591a70ada81923879dc55003db47983af92d038eeffaae7245f031bc
- SHA512
  
  45cf7794c24864c749592f9060b1c4539eb8051747e2042dc2532ad9fc23c71a88a382cae90599a01e73dbeb8630b02508f1355bb5b8fb474b30cf4dd8d7f13d
- SSDEEP
  
  12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2