47c714271d734f7408df9983f3f8fe957382ac38c6c69978ea7e11846e0db10c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47c714271d734f7408df9983f3f8fe957382ac38c6c69978ea7e11846e0db10c
Size

627KB
Sample

221019-vm9k5ahab3
MD5

90f12df2cadf4206dd44a7dd7a8eef40
SHA1

74d220d8b05216ff9072ced4f427c88a84a2d697
SHA256

47c714271d734f7408df9983f3f8fe957382ac38c6c69978ea7e11846e0db10c
SHA512

968ed42bd61e0d8b1053c9a3390bcf9435f30425be6f50a7072b2d5fd24ecce51f4ba359b4b96db96e3d218a948845491072d7fd4bda18af81aae281b6c74d7d
SSDEEP

12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y

Score

8^/10

Malware Config

Targets

- Target
  
  47c714271d734f7408df9983f3f8fe957382ac38c6c69978ea7e11846e0db10c
- Size
  
  627KB
- MD5
  
  90f12df2cadf4206dd44a7dd7a8eef40
- SHA1
  
  74d220d8b05216ff9072ced4f427c88a84a2d697
- SHA256
  
  47c714271d734f7408df9983f3f8fe957382ac38c6c69978ea7e11846e0db10c
- SHA512
  
  968ed42bd61e0d8b1053c9a3390bcf9435f30425be6f50a7072b2d5fd24ecce51f4ba359b4b96db96e3d218a948845491072d7fd4bda18af81aae281b6c74d7d
- SSDEEP
  
  12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2