4ffc6485c598e4d4095c2e5bb61b1897845c29e7ad8c769fe5043618985e79f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ffc6485c598e4d4095c2e5bb61b1897845c29e7ad8c769fe5043618985e79f4
Size

20KB
Sample

221020-ttylrsdafl
MD5

968ff18c2cab4bfc4e321ccb2fc98d19
SHA1

50c3a3fb3e695ff1de2b5f6b0c42659ddfff7778
SHA256

4ffc6485c598e4d4095c2e5bb61b1897845c29e7ad8c769fe5043618985e79f4
SHA512

4056327e6a72afe9e25ae3aafd56c54089a8eae4005afae19babdc93f98f8e50cea69c506facf307b5f6c4f52b30b4962c90bc10dec5c248377d18806f0204de
SSDEEP

384:hItZOAfhzPMChAdxFgFo+efnX1T8FspE0JJh4:h+xN+FIFDiA

Score

8^/10

Malware Config

Targets

- Target
  
  4ffc6485c598e4d4095c2e5bb61b1897845c29e7ad8c769fe5043618985e79f4
- Size
  
  20KB
- MD5
  
  968ff18c2cab4bfc4e321ccb2fc98d19
- SHA1
  
  50c3a3fb3e695ff1de2b5f6b0c42659ddfff7778
- SHA256
  
  4ffc6485c598e4d4095c2e5bb61b1897845c29e7ad8c769fe5043618985e79f4
- SHA512
  
  4056327e6a72afe9e25ae3aafd56c54089a8eae4005afae19babdc93f98f8e50cea69c506facf307b5f6c4f52b30b4962c90bc10dec5c248377d18806f0204de
- SSDEEP
  
  384:hItZOAfhzPMChAdxFgFo+efnX1T8FspE0JJh4:h+xN+FIFDiA
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2