19d4d4594cffde3006ddc68727e6a1e9798e7c1d7f5fedb5f4b63c3e00e4a720 | Triage

Sharing

General

Target

19d4d4594cffde3006ddc68727e6a1e9798e7c1d7f5fedb5f4b63c3e00e4a720
Size

697KB
Sample

221011-tw6p6adee9
MD5

7c322be974e8deb64b30fc7bc7c92cb8
SHA1

66d61d7b978fecfd28808b2c0632a0a3ad365600
SHA256

19d4d4594cffde3006ddc68727e6a1e9798e7c1d7f5fedb5f4b63c3e00e4a720
SHA512

b5859ae72285bc7d8c55026d5f340b713dc40e74d3754a7a16ae6863f49aa524d728c1551fcc1e8cf39a463b83b8f2f22466eacd52d69138c21109eecdaba868
SSDEEP

12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y

Score

8^/10

Malware Config

Targets

- Target
  
  19d4d4594cffde3006ddc68727e6a1e9798e7c1d7f5fedb5f4b63c3e00e4a720
- Size
  
  697KB
- MD5
  
  7c322be974e8deb64b30fc7bc7c92cb8
- SHA1
  
  66d61d7b978fecfd28808b2c0632a0a3ad365600
- SHA256
  
  19d4d4594cffde3006ddc68727e6a1e9798e7c1d7f5fedb5f4b63c3e00e4a720
- SHA512
  
  b5859ae72285bc7d8c55026d5f340b713dc40e74d3754a7a16ae6863f49aa524d728c1551fcc1e8cf39a463b83b8f2f22466eacd52d69138c21109eecdaba868
- SSDEEP
  
  12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2