4b6591c4b13d84cbaca8dabc2c2620803a983f75c4faafcdd721e834c1cd333c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b6591c4b13d84cbaca8dabc2c2620803a983f75c4faafcdd721e834c1cd333c
Size

617KB
Sample

221020-vy6zdafbel
MD5

969c012f6509cdfe24ec093e20197d30
SHA1

e85fd814e6d453c4233f854815165616661921b1
SHA256

4b6591c4b13d84cbaca8dabc2c2620803a983f75c4faafcdd721e834c1cd333c
SHA512

539f2ed34191a68d8c752b6c81451d2be9cc984ca28711d799d899d947cb248c30cb42248909bd0b18326c61dd4d77279d2477b5b984116cc1b83d7d0d456527
SSDEEP

12288:OHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:ODgINfAuBcgcZG2uG24MG4Y

Score

8^/10

Malware Config

Targets

- Target
  
  4b6591c4b13d84cbaca8dabc2c2620803a983f75c4faafcdd721e834c1cd333c
- Size
  
  617KB
- MD5
  
  969c012f6509cdfe24ec093e20197d30
- SHA1
  
  e85fd814e6d453c4233f854815165616661921b1
- SHA256
  
  4b6591c4b13d84cbaca8dabc2c2620803a983f75c4faafcdd721e834c1cd333c
- SHA512
  
  539f2ed34191a68d8c752b6c81451d2be9cc984ca28711d799d899d947cb248c30cb42248909bd0b18326c61dd4d77279d2477b5b984116cc1b83d7d0d456527
- SSDEEP
  
  12288:OHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:ODgINfAuBcgcZG2uG24MG4Y
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2