f4237e24e2b59730356c178563bfa372463fac8e896f5b90b46535bf2931e995 | Triage

Sharing

General

Target

f4237e24e2b59730356c178563bfa372463fac8e896f5b90b46535bf2931e995
Size

2.3MB
Sample

221020-xxymqaahfn
MD5

7ccb77b7d3c1d1e9380b50fc55b0a3ba
SHA1

10872b5e2f939f80c062475502c0fc7c9354bc6b
SHA256

f4237e24e2b59730356c178563bfa372463fac8e896f5b90b46535bf2931e995
SHA512

b488a3b7718491f08bbbfed430a2640ece3f22a5beadc3a753f7ba5648b5aae43e90ca761cbcceeafe0404813999c60c51671e157d549caf0651c674de67090b
SSDEEP

49152:vKh+dSXhhUjls8+N6KQxyEgi7o2fd7Pz6Pz6Pz6Pz6Pz6PzVQcOU7m6lTteP7F:vKhsIhhUjls8M6Uhioud7r6r6r6r6r6q

Score

8^/10

Malware Config

Targets

- Target
  
  f4237e24e2b59730356c178563bfa372463fac8e896f5b90b46535bf2931e995
- Size
  
  2.3MB
- MD5
  
  7ccb77b7d3c1d1e9380b50fc55b0a3ba
- SHA1
  
  10872b5e2f939f80c062475502c0fc7c9354bc6b
- SHA256
  
  f4237e24e2b59730356c178563bfa372463fac8e896f5b90b46535bf2931e995
- SHA512
  
  b488a3b7718491f08bbbfed430a2640ece3f22a5beadc3a753f7ba5648b5aae43e90ca761cbcceeafe0404813999c60c51671e157d549caf0651c674de67090b
- SSDEEP
  
  49152:vKh+dSXhhUjls8+N6KQxyEgi7o2fd7Pz6Pz6Pz6Pz6Pz6PzVQcOU7m6lTteP7F:vKhsIhhUjls8M6Uhioud7r6r6r6r6r6q
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2