b4b0f578e14fe27aff1dc8775e4767f21f5789676ad5f198bf9e03350ac7bbf3 | Triage

Sharing

General

Target

b4b0f578e14fe27aff1dc8775e4767f21f5789676ad5f198bf9e03350ac7bbf3
Size

120KB
Sample

221019-t4jwcsgcer
MD5

81b5ac4c43ede6046f63ae4e356d79f0
SHA1

531535568a34c6f213eb75413c1f5c3742e0936f
SHA256

b4b0f578e14fe27aff1dc8775e4767f21f5789676ad5f198bf9e03350ac7bbf3
SHA512

3ccd9bfbafed009f30894afb52687a344d710c27b81c03968046b3b30a0f60f70a0323c9c2979fd7c723fb43d6d2a2966a00892194f6b04f4666b9bfbd2d0ea7
SSDEEP

768:Hcb913EZIIyW3kcXAo9JJ1uWXGGg3gX7zvEveqQR3uoHVx4Yv:Ha13EZIvO8o9JJkiGGwgPsGqQxuMLtv

Score

8^/10

Malware Config

Targets

- Target
  
  b4b0f578e14fe27aff1dc8775e4767f21f5789676ad5f198bf9e03350ac7bbf3
- Size
  
  120KB
- MD5
  
  81b5ac4c43ede6046f63ae4e356d79f0
- SHA1
  
  531535568a34c6f213eb75413c1f5c3742e0936f
- SHA256
  
  b4b0f578e14fe27aff1dc8775e4767f21f5789676ad5f198bf9e03350ac7bbf3
- SHA512
  
  3ccd9bfbafed009f30894afb52687a344d710c27b81c03968046b3b30a0f60f70a0323c9c2979fd7c723fb43d6d2a2966a00892194f6b04f4666b9bfbd2d0ea7
- SSDEEP
  
  768:Hcb913EZIIyW3kcXAo9JJ1uWXGGg3gX7zvEveqQR3uoHVx4Yv:Ha13EZIvO8o9JJkiGGwgPsGqQxuMLtv
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2