c68c1ceac29749ce41c3089ef15cb7ca4b3519a75b6233cbd14d675d49bd8c55 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c68c1ceac29749ce41c3089ef15cb7ca4b3519a75b6233cbd14d675d49bd8c55
Size

648KB
Sample

221011-f5tv3ageen
MD5

77dadfcd19bd2d9c2ce109fdc3980ce0
SHA1

60934216e240c190c4dd184720a2a9fd320c740d
SHA256

c68c1ceac29749ce41c3089ef15cb7ca4b3519a75b6233cbd14d675d49bd8c55
SHA512

f0f6e628f728f7db0467a060e3d31782283f82a4042a31695aa9420de1851bbe65f81fa4f87f28c585f73574d4240b33ec333348e9f7b15a3dca4d9ba3a9babb
SSDEEP

12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y

Score

8^/10

Malware Config

Targets

- Target
  
  c68c1ceac29749ce41c3089ef15cb7ca4b3519a75b6233cbd14d675d49bd8c55
- Size
  
  648KB
- MD5
  
  77dadfcd19bd2d9c2ce109fdc3980ce0
- SHA1
  
  60934216e240c190c4dd184720a2a9fd320c740d
- SHA256
  
  c68c1ceac29749ce41c3089ef15cb7ca4b3519a75b6233cbd14d675d49bd8c55
- SHA512
  
  f0f6e628f728f7db0467a060e3d31782283f82a4042a31695aa9420de1851bbe65f81fa4f87f28c585f73574d4240b33ec333348e9f7b15a3dca4d9ba3a9babb
- SSDEEP
  
  12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2