5cec5d186598da9b2f144f7ac8e4d4307203fed9ef3dc5740d7cfd88d93a51db | Triage

Sharing

General

Target

5cec5d186598da9b2f144f7ac8e4d4307203fed9ef3dc5740d7cfd88d93a51db
Size

651KB
Sample

221012-wy7fksfahj
MD5

626bc30f4b6d6c59694f9e494ccbd050
SHA1

841fdbc179c2b007bb6c5ed2199893f9a8a3a797
SHA256

5cec5d186598da9b2f144f7ac8e4d4307203fed9ef3dc5740d7cfd88d93a51db
SHA512

4e65d6e93ad7d9d65e3a7af597b9fcdab123c3b44f343e6a29d13ef1636893d4478378f002a061595dc29ba9ed9413059d9bc0878d1ff91ef38678526684992a
SSDEEP

12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y

Score

8^/10

Malware Config

Targets

- Target
  
  5cec5d186598da9b2f144f7ac8e4d4307203fed9ef3dc5740d7cfd88d93a51db
- Size
  
  651KB
- MD5
  
  626bc30f4b6d6c59694f9e494ccbd050
- SHA1
  
  841fdbc179c2b007bb6c5ed2199893f9a8a3a797
- SHA256
  
  5cec5d186598da9b2f144f7ac8e4d4307203fed9ef3dc5740d7cfd88d93a51db
- SHA512
  
  4e65d6e93ad7d9d65e3a7af597b9fcdab123c3b44f343e6a29d13ef1636893d4478378f002a061595dc29ba9ed9413059d9bc0878d1ff91ef38678526684992a
- SSDEEP
  
  12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2